Landry's Restaurant Chain Discloses POS Malware Incident (Jan 2, 2020)
Point-of-Sale (POS) malware has been found on Landry’s network. Landry’s, a company that owns many US restaurants, stated that it found malware on 63 bar and restaurant networks and that the malware was active for at least six months. The company has stated that it believes only a small number of customers have been impacted, due to security features implemented following a 2016 attack. Customers are being advised to review bank statements and to look for any suspicious activity.
Recommendation: POS networks should be carefully monitored for unusual activity, so keeping logs of what typical network activity looks like is very important. In the case of strange activity, taking POS systems offline and repopulating them is a safe remediation step to avoid possible loss of reputation or lawsuits by individuals whose credit card information was stolen and possibly used by cybercriminals.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.