Data Breach Hits Sandwich Chain, Mom-and-Pop Restaurants (Oct. 1, 2014)
Large retailers and financial institutions aren’t the only victims of fraudsters on the prowl for payment card data. Champaign, Ill.-based Jimmy John’s sandwich chain announced last week approximately 10 percent of its 2,000 stores might have had payment card data stolen remotely from its POS machines. Since then, it’s being reported that 108 other restaurants throughout the U.S., ranging from pizza places to ice cream shops, also have been affected. Signature Systems Inc., the provider of the POS systems, determined that an unauthorized person gained access to a user name and password that the company used to remotely access POS systems, and the fraudster installed malware designed to capture payment card data from cards that were swiped through terminals. The malware was capable of capturing the cardholder’s name, card number, expiration date and verification code. The company was first alerted to a potential breach July 30, 2014. The company has removed the malware and hired a computer security firm to investigate every POS system and help implement improved security measures.
See related stories: