19 Restaurants Hacked by Credit Card Scammers

Consumer advocates have long considered restaurants a weak link in the chain of credit card security. Most customers willingly hand their credit cards off in folios to servers, who whisk them out of sight for minutes at a time. However, a new class action lawsuit suggests that credit card security breaches at restaurants aren't just the work of a few skimming servers. Restaurant owners in Louisiana and Mississippi allege that weak security on a popular point of sale system and lax security measures taken by installers made customer information vulnerable to hackers.

The POS terminals in question stored all of the information from a cardholder's magnetic stripe, against industry best practices. Ordinarily, identity thieves would need physical access to a restaurant's server to gain access to customer information. However, the plaintiffs allege that third-party installers and resellers used a remote management tool with a weak password to maintain their clients' systems. Plaintiffs discovered security breaches at nineteen of their restaurants, causing customers' credit cards to be compromised. The case recalls similar credit card terminal breaches which resulted in millions of dollars in damages for convenience store and clothing chains over the past decade.