California-based food outlet, Crack Shack Enterprises has given notice of an event that may have compromised the security of payment card information used by certain customers at the restaurant between August 19, 2018 and September 23, 2019.
Upon becoming aware of unusual activity relating to payment cards that may have been used at its Encinitas, California location, Crack Shack says it immediately began working with law enforcement and third-party forensic investigators to investigate the activity.
It was established that customers’ payment card information could have been accessed as a result of the installation of malware on a server used to process payment card data at the location in question.
The investigation determined that payment card information included in magnetic stripe track data such as name, card number, expiration date, and/or CVV, could have been compromised. However, features, such as CVC2/CVV2 were not affected.
The restaurant has underlined its commitment to data privacy, and has emphasised that it takes the confidentiality of its customer’s information very seriously. The organisation says it has removed the affected server from its network, and that a new server is now being used.
Crack Shack officials also say tools have been deployed to monitor its network for further suspicious activity. This incident was reported to Visa, MasterCard, Discover, and American Express, and it is understood that Crack Shack cooperated fully with law enforcement’s investigation into this incident.
The post #Privacy: Crack Shack issues notice of payment card data breach appeared first on PrivSec Report.