The Sonic Drive-in is an old-fashioned and popular fast-food chain with roller-skating carhops and has almost 3,600 locations in the US. Just recently, it became a popular hit for hackers. The breach affected an unknown amount of its store payment systems. KrebsOnSecurity has learned that this may have led to a fire sale on millions of stolen debit card and credit card accounts. The first clue of a breach came to the surface when it was noticed that many of these accounts were being sold in nefarious underground cybercrime stores. Multiple financial organizations began to notice a pattern of fraudulent transactions on debit and credit cards that had been used at Sonic Drive-ins. Some of the cards were up for sale as early as September 15.
“Our credit card processor informed us last week of unusual activity regarding credit cards used at SONIC,” reads a statement the company issued to KrebsOnSecurity. “The security of our guests’ information is very important to SONIC. We are working to understand the nature and scope of this issue, as we know how important this is to our guests. We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able.” The vice president of public relations at Sonic said that they didn’t yet know how many of its stores were affected.
The stolen accounts from Sonic is called “Firetigerrr.” They are organized by city, state and zip code and allows buyers to buy cards from Sonic customers that lived near them. This helps avoid an out-of-state transaction from being stopped. Cyber thieves usually steal credit card information by hacking into point-of-sale systems using the malicious software. So, this strategy is nothing new. The data can clone cards and use them to purchase high-priced items. The cost for these stolen cards was high, which is likely due to the fact that the theft was fresh. This theft bazaar caused Sonic’s shares to tank 4.4 percent and the stock is down. The company reported that “We are working to understand the nature and scope of this issue, as we know how important this is to our guests,” the company said in a statement.
“We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able.”
The Last Known Card Breach with a Fast-Food Chain
This isn’t the first time that there has been a major card breach with a major fast-food chain. There was a security breach at thousands of Wendy’s stores that was extremely expensive for credit unions and card-issuing banks. And Wendy’s had a huge challenge trying to get a hold on the theft, which was due to the fact that the locations were independently rather than corporate owned. It’s the financial institutions that must make victims whole again. One of the major changes to ward off hackers is the use of using cards that are chip enabled. This makes it harder for thieves to counterfeit. As of March 2017, only 58 percent of Visa cards were chip enabled. Chipotle Mexican Grill also reported a breach earlier this year. Whole Foods Market also disclosed a recent breach. Even bigwigs like Home Depot and Target have been hacked.
The dangers of data breaches are very real for all industries today. Recently, it was learned that Equifax exposed the data of over 140 million people in the US. Hackers were able to access troves of names, driver’s license numbers, Social Security numbers, and birthdates.
While there’s no magic bullet to prevent hackers from attacking point-of-sale systems, there are steps fast food chains can take to lessen the chance.
- Maintaining the most up-to-date POS software
- Installing Firewalls and anti-virus software to protect the POS networks
- Creating strong passwords and changing them often
- Denying internet access from POS stations and terminals
- Disabling all remote access
- Educating employees about proper use of POS systems and security precautions
- Protecting the hardware and software
Without a doubt, cybercriminals are costing the country money and companies revenue. It’s time for all businesses to take more action. One effective method is to use a managed service IT provider. These professionals update software, fix hardware and patch up holes. They also alert clients immediately if there is a breach. For many companies, the in-house IT staff don’t have the time or skills to handle everything. If you’d like to learn more about how a third-party service provider can help your company, contact Cooper Technologies, Inc. in Sacramento at (855) 303-5378 or email at email@example.com. The experts at Cooper Technologies, Inc. are always happy to answer any questions.