The recent appearance of yet Mark Zuckerberg US Senate. THE. reminds us of the true value of the data that we daily across the net in the form of fingerprint.
It is not a matter of privacy and how it is violated in different attacks and information gaps in social networks, but the consequences that these data can have on our lives, and on the lives of consumers who have the services that we provide.
In this sense, social engineering allows hackers to get additional information through that previously gathered illegally. The bank details, credentials credit cards or even passwords for our emails are some of the main targets of hackers.
Businesses that move large volumes of transactions that have a significant number of virtual clients are the most susceptible to attack. Restaurants are no exception, and today much of the business is based on own or external digital platforms, not having sufficient security measures, may calling into question the user data.
In recent years, we have witnessed the announcement of various hacks to restaurants and hybrids with food shops. Some of the major chains globally have suffered a violation of the privacy of its customers Y, thus, tinting have seen their popularity in the market.
The following five franchises are the most notorious cases in recent history.
1. He malware which he hits more than 1000 Wendy's restaurants
In January 2016, responsible for communications Wendy's, best known in the network respond in a witty and incisive accounts of other franchises public relations industry, It was not in the best position: the department responsible for data protection was investigating suspicious activity detected in the computer system of the company y Brian Krebs, an expert on cybersecurity, He had revealed the problem to the world.
Attackers infiltrated installing malware what compromised the card information of consumers 1025 locales (a 18% of the total) the famous fast food chain. The computer attack aimed POS terminals jetlagged which they were used in establishments that had not yet received the new models.
This highlights the importance of updating security systems and hardware in restaurants for keep up the arms race that takes place between hackers and computer security specialists.
Wendy's case had legal implications for the state of Pennsylvania handled a complaint in the first instance issued by the First Choice Federal Credit Union based on “permeable and inadequate approach to data protection”. Although the legal consequences are yet to see, the loss of confidence by consumers worried Do not be late.
2. Another vulnerable point of sale terminal in Chipotle
TPV seem to be the door to many unwanted access in the catering sector. The announcement of stealing payment information was received by the markets drop 4.8% in a bag.
Ad, held in late April 2017, He is indicating that the computer attack had affected the brand holistically: Each location had been exposed the illegal activities of cybercriminals.
To curb public impact as possible, security analyst who served as spokesman for the event reported on new technological measures that would be undertaken soon to prevent, as far as possible, the continuation of these attacks and violations of consumer privacy.
He malware installed in most local Chipotle infected cash registers and capturing the accumulated information on the magnetic strip of credit cards. The owners of these cards may suffer the consequences of the sale of credentials, Redistribution and use by third parties; although more or less easily usually the bank insurance covering just the costs of illegal complex framework surrounding this business. A bad time to accompany, on the other hand, delicious burritos Chipotle.
3. The computer attack on Whole Foods that has not yet been clarified
The distributor of food products oriented user experience recently acquired by Amazon market has also been hit by the hackers.
In this case only those gifted local bar or restaurant were hit with full service. The cyber attack did not affect on equipment generally used, but TPV used in these different establishments were susceptible to malware used by criminals.
Since the notification by those responsible for Whole Foods took place in September 2017, those affected have not received much additional information. Since the company are invited to check your bank statements looking for unauthorized charges as far as, eyes of any consumer, is a tremendous inconvenience prolonged in time.
4. Banking information gaps in drive-in Sonic
He 26 September 2017 Brian Krebs picked up the revelation of a new case hacking in the world of restoration.
With the collaboration of several experts in bank fraud with which often collaborates, Krebs was lagging behind A batch of five million US credit card that had appeared for sale recently on a black market known as Joker's Stash.
What they had in common all these cards? They had been previously used in the drive-ins Sonic. From that moment, a phone call was enough to get confirmation from the chain: They were investigating an incident with several premises in which the bank had committed customer information.
The use of unsafe TPV is a plague among those restaurants that are not owned brand, but they are operated under franchise. Managers who wish to maintain their brand image may have to impose stricter controls on bank outsourcing services and equipment involved.
On the black market, this batch cards were sold for an amount of between 20 Y 40 euros, a laughable amount considering the benefits they could enjoy scammers should give a clueless owner.
Counterfeit cards of this type, virgins and secreted by locality, They are extremely difficult to locate and recover. At the end dinners at the SONIC they came out more expensive than expected ...
5. Panera Bread and mismanagement of computer security
Panera Bread has become the latest company to join the select, but nothing meritorious, large group of companies catering and food sales have been hacked.
Unlike the four cases, Panera is suspected as the main culprit. Dylan Houlihan was the first to warn fashioned bakery on the information gap that had their website, which private data delivered in the form of easily readable text with no concern for privacy or bank security of its users.
In their contribution Medium, Dylan indicates that in August 2017 He contacted the company after several unsuccessful attempts. In addition to hard to reach, Panera responsible for arisco resulted in treatment, inquiring about the ulterior motives of Dylan, who he had offered to discuss the incident simply because their data were also at stake.
Mike Gustavison, Panera's interlocutor, He said shortly after was working on solving the problem. Several months later, the web was still leaking private information and Dylan decides to publish the matter with the help of Krebs.
Far from assuming errors in handling private information, Director of Data Protection Panera Bread chose to minimize the problem. According to his version only 10 000 users had been affected. With a little more time, Krebs could outline a rough figure: 37 million people had seen their privacy violated.
The moral of these five stories is that the information entrusted to the restorers customers must be treated with suspicion relevant. Not pay due attention to the vulnerabilities of our website, not knowing the application or external security services with which it works involves throwing stones at our own roof, why when customer trust is lost it is impossible to recover.