O’Charley’s restaurant chain is the latest victim of a restaurant data breach, according to a report from the company. After one of their security tools alerted them to possible unauthorized activity, the company hired a cybersecurity firm to investigate. In early April, the firm discovered tampering within the company’s point-of-sale credit card machines in several of the restaurant’s locations.
There’s always the chance that a skimming film was installed in the machine by someone who had access to it, but due to the more widespread evidence of activity, it’s likely that hackers infiltrated the network and installed malware on the POS system. That means no one would have seen any signs of tampering, but every swipe of a credit card could provide customer data to the thieves.
So far, the only known data to have been accessed is cardholder names and credit card numbers, although in some locations only the credit card number from the magnetic stripe was compromised. Since there’s no evidence yet that identities were stolen or that any money has actually been lost by customers, the restaurant chain isn’t required to provide any kind of corrective or preventive action. For now, the company is simply urging customers who visited their stores in March or April of this year to monitor their accounts and their credit reports carefully.*
Restaurants are a prime target for this kind of theft, largely because patrons pay with their credit cards but typically cannot see the actual transaction take place. Customers have no way of knowing if their servers copied down their card information, if the POS machine has been tampered with or if hackers have installed malware on the network, or any other variation of credit card fraud. Late last year, one of the largest restaurant data breaches was discovered, with more than 300 restaurants, hotels, and casinos owned by Landry’s, Inc., suffering from a POS data breach.
Data breaches are just one of the reasons that more and more restaurants and patrons are turning to mobile payment apps that are specifically designed for the food service industry. There are already dozens of platforms to choose from, offering every form of convenience, including the option to split the check among your tablemates, automatically add a calculated tip, and pay right from your mobile wallet or PayPal account through your smartphone.
Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.
*To request copies of your credit report from the three major reporting agencies, contact: