Four U.S. Food Chains Disclose Payment Card Theft via PoS Malware

In April 2019, malicious actors managed to damage the payment card systems of three Focus Brands subsidiaries with point-of-sale (PoS) malware. The intrusion went undetected for three months, allowing the malware to freely harvest the payment card data of customers at McAlister’s Deli, Moe’s Southwest Grill and Schlotzsky’s. In July, the restaurant chains finally uncovered the damage and ended the campaign. Together the three restaurant chains have around 1,500 locations across the US.

In a separate incident, Hy-Vee this week said that a payment card incident announced by the firm in August of this year also involved a malware infection of PoS devices “at certain Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants.” It has over 245 locations in the U.S. that registered $10 billion in revenue last year. Six Hy-Vee locations were infected as early as November of last year, with additional infections taking place in December 2018 and January 2019. The campaign continued until August.

Last week, McAlister’s Deli, Moe’s Southwest Grill, Schlotzsky’s, and Hy-Vee disclosed publicly that their networks were infected with point-of-sale malware copying data from cards used in person at certain locations.

A lookup tool offered at the end of the update allows you to select the Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants where you used your payment card and see if they were compromised.

Reference:

https://www.bleepingcomputer.com/news/security/four-us-food-chains-disclose-payment-card-theft-via-pos-malware/