A popular point of sale vendor may have suffered a data breach earlier this year that could affect customers of a handful of Pacific Northwest restaurants.
Vancouver, Wash.-based Information Systems & Supplies, a supplier of POS systems to restaurants such as Dairy Queen, Buffalo Wild Wings and Taco Time, confirmed the breach early last month in a letter that surfaced this week.
According to the letter, sent by ISS President Thomas Potter to restaurants on June 12, the company’s LogMeIn account was breached three separate times, on Feb. 28, March 5 and April 18. Potter warned restaurants that that attacks between those dates may have compromised users’ information and instructed restaurants to tell any concerned customers to contact their banks for further information.
“We have reason to believe that the data accessed could include credit card information from any cards used by your customers between these dates,” the letter read.
The letter – obtained by Information Security Media Group on Tuesday – goes on to state that at the time ISS was in the middle of changing all of its credentials, instituting a “secondary unique password” and running “virus protection/detection at all of our sites.”
Potter didn’t reveal exactly which restaurants or how many customers may have been impacted by the compromise but according to their site ISS sells POS devices manufactured by FuturePOS, Inc., which are used by restaurants like Buffalo Wild Wings, Dairy Queen, Taco Time among other companies.
Since ISS is based in Washington State, it’s probably safe to assume the breaches occurred at one or more of the aforementioned restaurants located in the Pacific Northwest.
Boston-based LogMeIn provides remote access and desktop software, allowing large corporations along with small to medium businesses like ISS to back up laptops, desktops, servers, and so on.
This year has seen a scourge of point of sale breaches that’s included targeted attacks on stores like Neiman Marcus, Sally Beauty Supply, Michaels and the restaurant P.F. Chang’s China Bistro. All of those of course came on the heels of the massive Target breach that compromised the sensitive information of 110 million people late last year.