Select Restaurants Inc., which owns a number of other brands, appears to have suffered a POS malware related breach. POS vendor 24×7 Hospitality Technology notified customers that its system was compromised after being hit with PoSeidon malware, which grabs data of swiped cards.
It will be interesting to see where the liability comes to rest here. A couple of things are in play as Select Restaurants obviously outsources CC processing, however if EMV processing was not enforced or available from the vendor and that would have rendered PoSeidon malware ineffective, the banks may go after the vendor for the cost of card reissuance.
Could be interesting to watch
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec