At fast food restaurants you know what to expect: value and speed. Fast food joint Wendy’s, however, has also been unknowingly serving up credit card fraud.
In the last week, Wendy’s has had to contact customers who have used their credit cards in over 1,000 restaurants. That’s nearly 1 in 3 Wendy’s restaurants and it makes for a huge number of affected customers.
Wendy’s are currently unable to tell just how many customers have been affected, but they do know that this attack was delivered by malware. Now, we all love a bit of a fast food, but we most certainly do not love cyber-crime!
And that’s why I want to show you what happened to Wendy’s and how your own business can avoid a similar situation.
Wendy’s Attacked
The hackers have been able to take control of Wendy’s point of sale (POS) systems which are comprised of the cash register and credit card devices. Although it’s not been discovered how Wendy’s POS systems have been compromised, it’s been identified as a traditional malware attack.
It’s believed that malware has been used to infect franchised stores through the theft of login credentials. This could, for example, be through phishing methods whereby information is extracted by employees through dishonest means e.g. spoof emails from head office requesting login details for “security checks”.
Whatever the method, it’s been successful enough for hackers to then access the POS systems and, potentially, take sensitive credit card information about every single card which has passed through the systems. And you’ve seen the queues at Wendy’s, so you know that’s a lot of credit cards.
Wendy’s was first hacked in January 2016 following unusual activity on credit cards which had recently been used at a number of Wendy’s stores. Similar attacks have intensified recently and this has led to Wendy’s having to release a statement on the situation.
Protect Yourself and Your Customers
Your customers are your businesses lifeblood, so it makes sense that you want to protect them and their finances. And the first line of defense is your staff, so it’s crucial that they’re well versed in how to deal with any suspicious activity they may encounter.
Hackers, you see, are unable to deploy their malware if they’re unable to breach your system’s defenses. And, for most businesses, this will be the good old fashioned ‘username’ and ‘password’ combination. It’s a popular choice as it’s a difficult combination to crack.
Employees, though, can quite innocently slip up and fall prey to the deceptive and sophisticated methods of hackers. However, an increasingly popular way to reduce the impact of compromised login credentials is to employ multifactor authentication. This provides additional walls of defense such as requesting a unique code which is emailed to an employee when they need to access specific systems.
Final Thoughts
Wendy’s isn’t the first fast food chain to have credit card details stolen, but it’s certainly the biggest so far and this will send out alarm bells across the industry. It’s a troubling cyber-attack and another one which highlights the importance of a strong front line defense. Multifactor authentication is certainly useful, but a concentrated effort towards recognizing initial threats is key.
For more ways to secure and optimize your business technology, contact your local IT professionals.