Restaurant Using Third-Party Point of Sale System Compromised by Malware
Who: Truluck’s Seafood, Steak & Crab House
# of Accounts Breached: Undetermined
What happened: Malicious malware that had the ability to capture credit or debit card information was inserted into the point of sale systems at the restaurants allowing customers credit card information to be copied. Customer names and addresses weren’t exposed because Truluck’s doesn’t store that information
When it happened: February 13, 2019 (reported)
How it happened: An unauthorized actor inserted malware into the point of sale systems at eight restaurants to capture customer payment card information used for purchases
Outcome: Truluck’s hired forensic experts after being contacted by the FBI about potential unauthorized access to a server used by the 12-restaurant chain. Truluck’s has set up an assistance line for customers at 1-877-449-1866. Support is available from 8 a.m. to 8 p.m. Monday through Friday. The company also suggests that customers review their account statements and monitor credit reports for suspicious transactions.