The chain said it began investigating in March after several Cicis restaurants reported that their point-of-sale systems were not working properly.
Advertisement
Credit card information used from March 1 to July 5 in Killeen is likely to have been compromised, a listing of impacted stores shows. “After malware was found on some point-of-sale systems, the company began a restaurant-by-restaurant review and remediation, and retained a third-party cybersecurity firm, 403 Labs, to perform a forensic analysis”. Cici’s has stated that the malware threat “has been eliminated”, although not all restaurants have been declared “threat free” yet, so perhaps pay with cash the next time you pick up a slice. Some affected restaurants had intrusions dating back to 2015. “Once the attackers have their malware loaded onto the point-of-sale devices, they can remotely capture data from each card swiped at that cash register”.
Locations in Abilene, Brownwood and Stephenville were among the 135 restaurants affected.
The company encourages guests who used payment cards at the affected restaurants during the period of potential exposure to monitor their payment card statements so they can immediately report any unauthorized activity to their card issuer. The lion’s share of breaches started in March of 2016, they added.
“If you find evidence that your payment card data has been misused or that your identity has been stolen, you should immediately contact the Federal Trade Commission and/or the Attorney General’s office in your state”, company officials said.
Advertisement
Consumers also can take the step of filing a police report in case consumers are asked to provide one to creditors in order to correct the records.
