Jeanne Price reports:
Phishing emails, lax security or a previously unknown software flaw could turn out to be the cause of the latest eatery data breach. This one hit a number of prominent restaurants in the Pacific Northwest after hackers gained access a Point Of Sale (POS) system created by Information Systems & Supplies (ISS) of Vancouver, Washington.
“We recently discovered that our Log-Me-In account was breached on February 28, March 5 and April 18, 2014. We have reason to believe that the data accessed could include credit card information from any cards used by your customers between these dates,” a letter signed by ISS president Thomas Potter obtained by BankInfoSecurity stated. That letter was dated June 12 but not mailed until a week later.
Read more on idRADAR.com
If the LogMeIn reference in the story seems familiar, it’s because we also saw it misused in a breach involving a number of Subway restaurants.
Update to this story: ISS has apparently altered its client list web page linked in my article to remove any reference to individual businesses involved in this case. The page is now blank.