Aldaco’s has posted a notice on its web site, as noticed and first reported by MySanAntonio.com:
Dear Customers,
Our business has been another senseless victim of breach of data. Authorities have investigated and have clearly determined that the breach was not the result of any wrong doings by an in-house employee or management.
We have cooperated fully, and will continue to cooperate, with the US Secret Service, the SAPD Fraudulent Unit, Capital One Merchant Services and Capital One Financial Institution.
We are upset that this has happened, and most of all, we are very angry that our valued customers may experience any compromise or violation as well.
Aldaco’s has always taken the utmost precautions with security programs and have always maintained latest versions of Aloha and the adequate software to comply and prevent any compromise of data. This, unfortunately, was unforeseen. We have sought professional advice and all precautions have been taken. One major step, our credit card system has reversed to DIAL-UP and we are no longer on the internet for authorizations — we are guaranteed that this situation is under 100% control.
If the credit card(s) that you use when you visit Aldaco’s Stone Oak have not been compromised as of yet… PLEASE CANCEL YOUR CARD IMMEDIATELY AND REQUEST A NEW ONE.
[…]
What’s interesting to me about their notice, apart from their very human approach of expressing anger about the situation and their simple proactive advice to cancel cards even if they have not yet been misused, is that they specifically name their POS software.
Note and Correction: It seems that Kristina De Leon of WOIA may have had the story first and adds more to the story:
Aldaco’s Mexican Cuisine at Stone Oak has a note on the front door apologizing to customers. Some of those customers are now getting charges from as far away at Italy.
“They know that it was a breach, and they know that the breach came from Russia, that’s for sure,” explained Blanca Aldaco. “So, we are working with our I.T. guy. They’re definitely looking into. Hopefully, they can figure out what the IP address is.”
The U.S. Secret Service and the San Antonio Police Department’s Fraud Unit is also investigating. Neither would comment, but News 4 WOAI learned they are trying to track down the overseas hacker.