CiCi’s Pizza, an American fast food business in Coppell, Texas with over 500 stores in 35 states appears to be the latest restaurant chain that got hit with a credit card breach. According to security expert Brian Krebs, the available information suggests that hackers posed as technical support specialists for the company’s point-of-sale (POS) provider, and that allowed other retailers to be being targeted by the same cybercrime gang. Over the past few months, Krebs has received inquiries from fraud fighters of more than half a dozen financial institutions in the U.S. seeking information about the probable credit card label cracks at CiCi’s. As it stands, every one of these banking industry sources observed the same thing: a pattern of fraud cards that all had been used in the last months at various CiCi’s Pizza locations.
The restaurant chain referred Krebs to Champion Management, a third-party restaurant management firm. However he was told that “the issue” was being handled by an outside PR firm called SPM Communications. Krebs eventually contacted the chain’s POS provider Datapoint which confirmed that the Secret Service was conducting an investigation surrounding several POS vendors in “one particular franchise”. “I went to look up the contact information for Datapoint [sic], and found that Google was trying to prevent me from visiting this site. According to the search engine giant, Datapoint’s website appears to be compromised! It appears that Google has listed the site as hacked and that it was once abused by spammers to promote knockoff male enhancement pills,” Krebs wrote on his post. Upon further inspection, Krebs received an email response from the vice president of the service and support for the company. “All of these attacks have been traced to social engineering/TeamViewer breaches because stores from SEVERAL POS vendors let supposed techs in to conduct ‘support’. Nothing to do with any of our support mechanisms which are highly restricted and well within PCI Compliance,” the email read.
Krebs believes that the apparent breach “comes to light amid a great deal of speculation on Reddit and other places online about a possible data breach at TeamViewer”. On June 2, TeamViewer was reportedly hacked by unknown third parties. The hack resulted in raided PayPal, eBay, and Amazon accounts via stolen credentials stored in the browser. “The idea that countless credit card terminals or cash registers at CiCi’s Pizza establishments and other businesses could have been compromised by cybercriminals who simply call up the establishments and pose as tech support technicians for various PoS vendors is remarkable”, Krebs added.
Like it? Add this infographic to your site: 1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).