Rally’s and Checkers’ POS Infection Since 2015 Exposed
Did you patronize one of the Rally’s food joints and Checkers Drive-In restaurants since December 2015? Then this news is for you: The two drive-through food chains with 100+ branches in the United States had 15% of their cash registers infected by POS malware since late 2015. Customer information was harvested by the malware, with the latest data showed that retail transactions till April 30, 2019, were affected. Rally’s and Checkers operate stores in the states of Virginia, Tennessee, Pennsylvania, Ohio, North Carolina, New York, New Jersey, Nevada, Michigan, Louisiana, Kentucky, Indiana, Illinois, Georgia, Florida, Delaware, California, Arizona and Alabama.
One of the worst hit with malware was Rally’s food joint in Los Angeles, where the infection period of the Point-of-Sales Terminal started December 17, 2015 with the store technicians only able to clean the machine on March 28, 2018. “After becoming aware of a potential issue, we retained data security experts to understand its nature and scope. Based on the investigation, we determined that malware was installed on certain point-of-sale systems at some Checkers and Rally’s locations, which appears to have enabled an unauthorized party to obtain the payment card data of some guests,” explained Kim Francis, Media coordinator for Magpie, LLC, the umbrella entity that owns both Checkers and Rally’s.
In the name of transparency Magpie posted in its website a list of all its branches with customer exposed data and the period of infection. We in hackercombat.com highly recommend customers of the two food chains to check-out the list, in order to narrow down the possibility of their personal information being part of the leak. Kim Francis also disclosed that the customer data that the POS held came from the magnetic-stripe debit/credit card that their clients used to pay for the food purchases. In the United States, the use of magnetic-stripe cards for payment are still prevalent compared to the more secure EMV (Europay Mastercard Visa) chip-based cards. The likely information exposed are the card holder’s full name, card number, verification code and expiration dates of the card.
“After identifying the incident, we promptly launched an extensive investigation and took steps to contain the issue. We also are working with federal law enforcement authorities and coordinating with the payment card companies in their efforts to protect cardholders. We continue to take steps to enhance the security of Checkers and Rally’s systems and prevent this type of issue from happening again,” added Francis.
Magpie recommends affected customers to apply for a free credit report monitoring from annualcreditreport.com, alternatively their clients can also call 1-877-322-8228. Additionally, being extra vigilant when reading account statements, as discrepancies and fraudulent transactions with the credit charges can be reversed by the card issuing bank. At the same time, Magpie has opened a special hotline for their customers that have specific queries regarding the incident, 1-844-386-9554. The company also opens their main office for walk-in queries: Monday through Friday from 8:00 a.m. to 10:00 p.m. CST and Saturday and Sunday from 10:00 a.m. to 7:00 p.m. CST.
Huddle House Restaurant Chain’s POS System Breached
Magstripe Credit/Debit Cards & Magstripe-only POS: A Security Nightmare
Recipe for disaster: Bluetooth-enabled POS Terminals + MagStripe-based Cards