PSA - Breach at Arby's

KrebsOnSecurity.com (2017-Feb-09) : Fast Food Chain Arby’s Acknowledges Breach


Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if I’d heard anything about a data breach at Arby’s fast-food restaurants. Asked about the rumors, Arby’s told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of its restaurant locations nationwide.

A spokesperson for Atlanta, Ga.-based Arby’s said the company was first notified by industry partners in mid-January about a breach at some stores, but that it had not gone public about the incident at the request of the FBI.

---

Arby’s said the breach involved malware placed on payment systems inside Arby’s corporate stores, and that Arby’s franchised restaurant locations were not impacted.

Arby’s has more than 3,330 stores in the United States, and roughly one-third of those are corporate-owned. The remaining stores are franchises. However, this distinction is likely to be lost on Arby’s customers until the company releases more information about individual restaurant locations affected by the breach.

“Although there are over 1,000 corporate Arby’s restaurants, not all of the corporate restaurants were affected,” said Christopher Fuller, Arby’s senior vice president of communications. “But this is the most important point: That we have fully contained and eradicated the malware that was on our point-of-sale systems.”

---

Arby’s declined to say how long the malware was thought to have stolen credit and debit card data from infected corporate payment systems. But the PSCU notice said the breach is estimated to have occurred between Oct. 25, 2016 and January 19, 2017.


oldbooks1Conic_EllipseIsamorph

Comments

  • oldbooks1oldbooks1 Champion 174
    It is indeed reassuring that the FBI intervened to ensure possible victims of this breach were not alarmed by news of the breach until such time as the FBI felt their emotional state was sufficiently stable for them to be able to cope effectively with such stressful news.  The fact that additional victims might have been affected during this interval or original victims subject to greater harm was a necessary form of collateral damage.

    In fact, it recalls the original noble purpose of the FBI which was to F(urther)B(est)I(nterests) of parties, that for security reasons can, understandably, not be disclosed.
    VoIPFanRPConic_EllipseSoteria1
  • I love the sandwiches there but lucky me I use cash
    oldbooks1VoIPFanRP
  • kvnc75kvnc75 Novice 1
    Where's the beef?
    oldbooks1VoIPFanRP
  • mhhmhh MVP 30
    kvnc75:
    Where's the beef?

    Not at Arby's, although I have not eaten there since the 1970s. Back then it was made of chunks of some meat-like substance formed into a log. The curly fries remind me of rats tails.

    oldbooks1VoIPFanRP
  • Did the malicious software  get a Cheesy Roast beef melt?
    oldbooks1VoIPFanRP
  • hhfpphonehhfpphone Ethical Committee 222
    Virus on the sandwiches?!?
  • mhhmhh MVP 30
    hhfpphone:
    Virus on the sandwiches?!?

    There was malware on the POS terminals to go with the malfood they serve.

  • VoIPFanRPVoIPFanRP All Star 73

    You're now on a watch list! :p



    mhh:
    Back then it was made of chunks of some meat-like substance formed into a log.

    Processed beef pressed into a log roll.  


    I discovered it can be pressed into different shapes when I was in Chicago - I stopped by a fast food gyro restaurant, and was very surprised when I was served processed meat, even though it was spinning in a vertical rotisserie...

  • hhfpphonehhfpphone Ethical Committee 222
    VoIPFanRP:

    I discovered it can be pressed into different shapes when I was in Chicago - I stopped by a fast food gyro restaurant, and was very surprised when I was served processed meat, even though it was spinning in a vertical rotisserie...

    I thought that meat came from some mystic creature that just happened to be shaped like that. :D  
    VoIPFanRPSoteria1
  • VoIPFanRPVoIPFanRP All Star 73
    :D
    Soteria1
Sign In or Register to comment.