Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday May 30 2019, @06:29PM   Printer-friendly
from the not-such-a-cheap-burger dept.

[Ed. note: Wikipedia entry for those who may not be familiar with the company and which notes: "Checkers Drive-In Restaurants, Inc., is one of the largest chains of double drive-thru restaurants in the United States. The company operates Checkers and Rally's restaurants in 28 states and the District of Columbia. They specialize in hamburgers, hot dogs, french fries, and milkshakes." --martyb]

On Wednesday, fast food chain Checkers reported that they had found malicious point-of-sale (POS) software in place on their systems that affected over 100 Checkers and Rally's restaurants and which left customer names, card numbers, verification codes and expiration date vulnerable.

The Full List of affected restaurants including the estimated exposure dates, is available in the data breach notification.

Exposure dates go back as far as December 2015 in one case (Los Angeles, CA), although the majority span late 2018 to current.

In the official statement Checkers says:

What We Are Doing?
As indicated above, after identifying the incident, we promptly launched an extensive investigation and took steps to contain the issue. We also are working with federal law enforcement authorities and coordinating with the payment card companies in their efforts to protect cardholders. We continue to take steps to enhance the security of Checkers and Rally's systems and prevent this type of issue from happening again.

What You Can Do
If you used a payment card at an affected restaurant during a relevant time period, please consider the following recommendations:

Review Your Account Statements. We encourage you to remain vigilant by reviewing your account statements. If you believe there is an unauthorized charge on your card, please contact your financial institution or card issuer immediately.
Order a Credit Report. You are entitled under U.S. law to one free credit report annually from each of the three nationwide consumer reporting agencies. To order your free credit report, visit www.annualcreditreport.com or call toll-free at 1-877-322-8228.
Review the Reference Guide and FAQs. The Reference Guide and FAQs provide additional recommendations on the protection of personal information.

What amounts to, in essence, "our bad, review your statements and check your credit reports" is likely to be considered a very weak response by customers affected. Also the date that the breach was discovered is not revealed ("recently became aware of") so the gap between discovery, completion of the investigation, and the date of breach notification is not known.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Snow on Thursday May 30 2019, @09:55PM (1 child)

    by Snow (1601) on Thursday May 30 2019, @09:55PM (#849438) Journal

    Of course we have traditional Credit Cards too. I've heard that it's common in the US that when you use a debit card, the debit doesn't actually come out of your account for several days. This can lead to spending more than you have and the NSF fees associated with that.

    The card itself is contactless. You tap the card on the terminal to pay. It takes 1-2 seconds. Transactions using Interac Flash are guaranteed for the merchant (no chargebacks) and the bank will (supposedly) cover any fraud. You are required to use a pin every $200 so not that much can be stolen anyways.

    The USA has a very fragmented payment infrastructure which is why it's taking so long to move to EMV/Chip and Pin. You have so many different banks and lots of small businesses that don't want to upgrade. It costs a lot to upgrade to EMV. A card reader (JUST THE CARD READER!) at a gas pump is ~$2000. With EMV 5 I'm sure they will be more. Eventually the businesses will be dragged into compliance.

    Once you try the tap and pay, you'll be hooked. It's so fast, easy and ubiquitous now. Even vending machines have tap and pay.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by JoeMerchant on Thursday May 30 2019, @10:19PM

    by JoeMerchant (3937) on Thursday May 30 2019, @10:19PM (#849452)

    I've heard that it's common in the US that when you use a debit card, the debit doesn't actually come out of your account for several days.

    That may have been more common years ago. The new systems are pretty real-time, of course you can still sign up for a "trap" account that will fee you to death for every little thing, but if you stick with an institution like a Credit Union, they can actually serve your needs instead of trying to serve you on a platter.

    I had tap and pay in my last phone, and used it at the weekly grocery trip and a few other random places. It was plenty convenient (fingerprint to unlock, tap to pay), but, that was a Nexus 5x, and after it bootlooped I replaced it with a phone that doesn't have NFC. I missed it for about a month, and I'm over it now. I'll go back to tap to pay when I get another NFC phone, meanwhile, it's not really that hard to stick a CC in a slot. The BIG HUGE AMAZINGLY AWESOME aspect of tap to pay with the phone was: forgetting your wallet wasn't a fatal mistake - I still seem to do that about once every two years or so, and it's really nice when the phone can cover for your senility (apparently, a condition I have suffered since my teenage years.)

    --
    🌻🌻 [google.com]