DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

PA: One Lincoln Restaurant customers’ data compromised by Backoff malware

Posted on December 20, 2014 by Dissent

The Gettysburg Times reports:

Those who paid for meals at Gettysburg Hotel’s One Lincoln Restaurant using a credit card between June 2 and July 31 may have had their data compromised, according to a news release from the hotel.

Delaware Business Systems, the hotel’s point-of-sale vendor, told the restaurant on Aug. 6 that the “Back-off” malicious software virus had been placed on the hotel’s system.

[…]

If you look very carefully on One Lincoln’s web site, you’ll see a link in the footer to “Payment Card Notice.” The notice reads:

To Our Customers:

One Lincoln (the “Restaurant”) is providing this notification pursuant to Pennsylvania’s Breach of Personal Information Notification Act, 73 Pa. C.S. § 2301, et seq. and Maryland Personal Information Protection Act, Md. Code Com. Law §§ 14-3501 et seq.

The Restaurant learned that, on or about June 2, 2014, malware was installed on portions of its point of sale (“POS”) system by unauthorized person(s) which resulted in a security breach of certain personal information of Restaurant customers. On July 31, 2014, the Restaurant was alerted by its POS service provider of the malware and it was removed immediately.

As a result, from June 2, 2014 to July 31, 2014, the individual(s) who installed the malware may have obtained certain payment card information of customers who dined in the restaurant during that time period and used their credit card to pay for the meal. According to a notice issued by the U.S. Department of Homeland Security (https://www.us-cert.gov/ncas/alerts/TA14-212A), the “Back Off” malware targeted point of sales systems on a national level and has the ability to exfiltrate certain personal information from the credit card, such as names and account information, prior to it being encrypted. The breached data may have included customer names, account numbers, CVV security codes, and card expiration dates. No other personal information of customers (such as addresses, email addresses, social security numbers, or account PIN numbers) was compromised.

Upon being alerted to the presence of the malware, the Restaurant took immediate steps to eliminate the breach and protect its customers’ personal information by (1) immediately bringing in an expert forensic firm to analyze the system and the intrusion, and then deactivate and remove the malware; (2) cooperating with law enforcement to investigate the theft and misuse of computerized credit card information; (3) working with its POS system vendor to better protect the system from other intruders; and (4) taking steps to enhance and bolster its security systems.

Please note that this malware breach was exclusive to One Lincoln Restaurant.

Since the Restaurant is unable to identify all those customers whose credit card information may have been compromised as a result of this incident, we are providing this notification on the One Lincoln website (www.onelincoln.net) so that any past Restaurant customer can take appropriate action, in conjunction with our efforts, to minimize or eliminate potential harm if you believe your personal information was comprised.

[…]

Frankly, the link to the notice is so tiny that I doubt any past customer would even notice it. If this is their substitute notice, how about a more conspicuously placed and larger font link to “Notice of Payment Card Breach.” ?  


Related:

  • BlackSuit ransomware site seized as part of Operation Checkmate
  • The day after XSS.is forum was seized, it struggles to come back online -- but is it really them?
  • Korea imposes 343 million won penalty on HAESUNG DS for data breach of 70,000 shareholders
  • Paying cyberattackers is wrong, right? Should Taos County's incident be an exception? (1)
  • HHS OCR Settles HIPAA Ransomware Investigation with Syracuse ASC for $250k plus corrective action plan
  • Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
Category: Business SectorCommentaries and AnalysesMalware

Post navigation

← Quest Diagnostics notifies employees of breach after email attachment error (UPDATE)
Controversial podcaster listened in on therapist wife meeting with her clients: lawsuit →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California Attorney General Announces $1.55M CCPA Settlement with Healthline.com
  • Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance
  • Wiretap Suits Pit Old Privacy Laws Against New AI Technology
  • Action against tiny Scottish charity sparks huge ICO row
  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.