Caribou Coffee Card Breach Hits 265 Stores (Dec 21, 2018)
The US coffee chain "Caribou Coffee" reported that it had suffered a data breach that impacted payment cards. They discovered unusual network traffic on November 28, 2018 and found that there was unauthorized access to their Point-of-Sales (POS) systems. The company stated that customers who had visited one of their chain locations between August 28, 2018 and December 3, 2018, are likely to have had their names, card number, CVV, and expiration date compromised. According to Caribou Coffee, "payments made through your Caribou Coffee Perks account or other loyalty account were not affected. Any catering orders placed online with Bruegger's Bagels, Einstein Bros. Bagels, Manhattan Bagel and Noah's NY Bagels were also not affected by this breach."
Recommendation: Leaks of this sort leads victims to be at a large risk of phishing attacks. Actors can use this information to coerce more personal data from the victim. Customer-facing companies that store credit card data must actively defend against Point-of-Sale (POS) threats and stay on top of industry compliance requirements and regulations. All POS networks should be aggressively monitored for these type of threats. In the case of infection, the affected networks should be repopulated. Furthermore, customers should be notified as soon as possible and potentially offered fraud protection to avoid negative media coverage and reputation.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.