pos_coffee_shop
  • Many US-based bars and restaurants had their PoS systems infected with data-stealing malware.
  • The company that operates the particular PoS network has issued an official notice on the incident.
  • No reports about using the stolen credentials reached NCBP but freezing the affected accounts if advised nevertheless.

The North Country Business Products (NCBP) PoS systems provider has announced a security breach incident that has affected 139 of the 6500 shops that constitute their client-base. The locations are mainly coffee shops, restaurants, and bars, with many of them being branches of a shop franchise such as Dunn Brothers, Someburros, and Zipps Sports Grill. The malware infection targets the cardholder name, credit card number, expiration date, and the CVV. So far, the NCBP has not received reports that an attacker tried to take advantage of the exfiltrated information, while a full list of the compromised locations is given in a special notice on the company’s website.

According to it, the breach to their systems occurred at the beginning of the year, with the people who are at risk of having had their payment data stolen being defined as clients who made payments to NCBP partners between January 3 and January 24. The company’s IT department noticed the unusual activity and asked for the help of a third-party digital forensic investigator who confirmed the breach. As the hacker observed that investigating agents were present in the system as well, he/she stopped all malicious activities by January 24.

Customers that were potentially affected by this incident cannot be directly notified, so they must consider the list of the compromised PoS locations published by NCBP and figure out whether they paid through a PoS system in the affected bars and restaurants. They can also call 1-877-204-9537 to ask for additional information regarding this security incident. If they find that there’s a possibility of having been compromised, they should place a security freeze on their credit report, effectively prohibiting anyone else from accessing their financial account and information.

Paying through PoS (Point of Sale) systems has become the norm nowadays, as it simplifies transactions and theoretically makes them safer. However, cybercriminals are increasingly developing smart PoS malware that steals credit and debit card data that can later be sold on dark web markets. People cannot do something to protect themselves against this dire possibility, other than just paying with cash on the register.

Have you ever had an adverse experience with your credit card after a PoS transaction? Let us know of the details in the comments section below, and don’t hesitate to do the same on our socials, on Facebook and Twitter.