DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Update to Restaurant Depot/Jetro breach

Posted on December 16, 2011 by Dissent

The recent Restaurant Depot/Jetro breach that I reported on Dec. 7  provides a timely example of the issue of unreimbursed harm that consumers grapple with on a daily basis.  As I continue to follow media coverage on that breach, it is clear that not only is there financial impact of this breach (the hacked card numbers have been misused), but there have been other types of as yet unreimbursed harm.

In today’s Boston Herald, Jerry Kronenberg reports how one customer of Restaurant Depot was affected:

Cris Maloof of Quincy’s Schoolhouse Pizza said scammers charged $14,000 on three of his credit cards, while his wife found her account shut off when she went shopping on Black Friday.

The bank ultimately straightened everything out, but someone contacted Schoolhouse Pizza’s utility and had the power shut off this week. That took Maloof an hour to reverse.

“It’s insane,” he said. “The inconvenience and the amount of hoops I’ve had to jump through — with the bank, with getting a new tax identification number, with everything — was just ridiculous.”

Not all of the 300,000 affected customers may have stories like that and Restaurant Depot has offered credit restoration services and reimbursement for expenses incurred, but it is not clear what happens to reimbursement for time spent and frustration.

I think Restaurant Depot is trying to do the right thing by its customers (although some will undoubtedly point out that obviously, they were not PCI compliant and could have avoided the entire mess). But at the end of the day, are customers really made whole by packages such as that offered in this case? And what about those entities that do not even offer credit restoration services and compensation? Is the best we can hope for harm minimization without full restoration and compensation? Is this the price we pay if we use plastic and trust others with our data? Or is there a better way – with or without regulation?

Related posts:

  • 1749 French based Sites Defaced by CwGhost.
  • Franchises from at least three national pizza chains hacked (update2)
  • Commentary: Repeated insider breaches at TD Bank should trigger federal regulator investigation (update 1)
  • Hack attack: Pizza Hut loses customer information
Category: Breach IncidentsBusiness SectorID TheftMalwareU.S.

Post navigation

← AU: Bank of Melbourne in privacy breach
HI: Tax data infiltrated by state workers (updated) →

1 thought on “Update to Restaurant Depot/Jetro breach”

  1. Major Tom says:
    December 20, 2011 at 9:29 am

    Credit Restoration is good for how long? How many crooks see the vulnerable person as a juicy “A+” candidate, then a B, then a C and so forth. I think once your PII data is out there its just a matter of time. I am sure there are a few crooks that will offer the data just once and get rid of it, but others may hold onto it in hopes that it can be used again in the future. The water gets really murky as to where PII info has come from. Some will accuse the company that got breached, but what aboiut those companies that do not offer such information….”Hype-pathetically” speaking, if a cover up occurs, whether by workers, managers or a combo of each, the true path to the leaking of PII is almost untracable. Crooks know this.

    As far as reimbursement for time and pain, it should be charged via a documented hourly wage. If a person is standing in a line or resolving a PII or CC issue, rather than doing his job, an average, or a well documented timeline with reciepts which show time, date and costs involved could be used as a restitutional plea.

    Many Financial institutions are greedy. Most want part of the consumer knee-jerk purchasing with a credit card. They get to pay the price when it becomes violated. They know the risk thats associated with Credit Card usage, but they continue to offer those services – and its a widespread pandemic. The money must still be OK, otherwise they would turn the leaky tap off completely.

    Which costs more? A technology upgrade/refresh of the credit card industry – very possible if they work togther, or keep on using antiquated services that are obviously broken?

    Sure people can use cash, money orders, wire transfers and the like and be more secure than others. One has to remember that the risk then transfers to the “insider” and technologies such as skimmers.

    Fix all this, and then the crooks will get insiders to change out money drawers with counterfit bills and poison the economy even more. The possibilities are endless. depends on how hard you want to look to see whats going on in the world.

    Treat the PII CC violators as they should be. Give them mandatory sentences, much like the convicted DUI DWI people are. Leaving room for negotiations and mis-interpretation of laws and the twisting of them, will only make this worse.

    The American dream is to have houses; have the Family business running smoothly and the comfort knowing that all is safe. The “American” may still be there, but know they dark side will taint even some of the best people, with promises of making a quick dollar – until the smaller fish are caught, and the bigger ones move on to find other puppets.

    There isn’t a simple solution to this issue. Its like a toxic spillage in a highly vulnerable area. They initial cleanup will take some time, but what about the after-effects many years down the road?

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.