Cyber Attacks Continue as Malware Hits PoS of Four Food Outlets
Cyber attacks in business systems will continue to rise, reaching a point of becoming a norm, as forewarned by the Global Risks Report in 2018,. In the recent past 2 days, four food businesses, namely Moe’s Southwest Grill, McAlister’s Deli, Schlotzsky’s and Hy-Vee Supermarket, came out with reports that their Point of Sale (PoS) machines were infected by a malware that was able to steal customer information.
Focus Brands, the owner of the three food chains, said the company’s network was infected with malware that copied information from cards that entered point-of-sale payment systems across different locations. All three Focus Brands food outlets are spread through 1,500 different locations across American states.
Hy-Vee supermarkets,on the other hand, operate in about 254 retail sites in convenience stores, drug stores, groceries and fuel pumps.
Synopsis of Focus Brand’s Report on PoS Malware Attacks
According to Focus Brands, cyber attacks that infiltrated their network via the three food subsidiaries had started on three different dates. Although cyber security experts were able to end the malware intrusion on July 22, 2019, the report did not give specific details about the customer cards that had been scraped for information.
The malware operation began last April 11 at a Schlotzsky’s outlet, while the attacks at McAlister’s and Moe’s began in April 29, 2019.
Synopsis of Hy-Vee’s Report on PoS Malware Attacks
Unlike the malware that attacked the three Focus Brands food chain for only about a month, the HY-Vee malware had been present in the PoS systems since November 2018. It was detected only in July 29, when unauthorized activities started registering on some of their PoS processing machines. It was only then that cyber security experts were called upon to conduct an investigation.
The malware operation in fuel pump PoS transpired since December 14, 2018, while the attacks in PoS drive-thrus and restaurants began in January 15, 2019. Yet in six still undetermined locations, experts suspects that the malware may have operated by as early as November 09, 2018.
Hy-Vee’s latest update about the cyber attacks included a lookup tool for identifying the Hy-Vee fuel pumps, restaurants and drive-thru coffee shops, and restaurants whose PoS were compromised. That way customers can determine if they had used their payment card payment during the periods indicated.