Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

After Hacks, Louisiana Restaurants Sue POS Companies

More than 100,000 credit cards exposed by keylogger attack, Secret Service says

Two lawsuits have been filed in Louisiana after point-of-sale (POS) systems in restaurants were allegedly hacked via keylogger, resulting in the exposure of some 100,000 credit cards.

According to a news report posted yesterday in The Advocate, lawsuits in Lafayette and Baton Rouge named Radiant Systems -- maker of the Aloha POS -- and Computer World, which installed the systems.

The suits allege that Radiant and Computer World represented their POS systems as PCI-compliant and current when, in fact, the systems used older software that contained security flaws, according to the report.

One of the suits also alleges that Computer World installed a faulty remote access system on more than 200 systems across the state, the report says. In each location, Computer World allegedly used the same password: "computer."

Computer World also allegedly failed to remove prior customer credit card information from the systems before installing them, according to the suit.

In a statement published by The Advocate, Radiant said its policy is not to comment on the details of pending litigation.

"What we can say is that Radiant takes data security very seriously, and that our products are among the most secure in the industry," the statement says. "We believe the allegations against Radiant are without merit, and we intend to vigorously defend ourselves."

According to the news report, at least one of the 17 restaurants involved in the suits has gone out of business since the hacks took place. The Secret Service estimates the breaches have so far cost local banks at least $1.2 million.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-0324
PUBLISHED: 2021-06-14
Product: AndroidVersions: Android SoCAndroid ID: A-175402462
CVE-2021-0467
PUBLISHED: 2021-06-14
In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr...
CVE-2021-21554
PUBLISHED: 2021-06-14
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit t...
CVE-2021-21555
PUBLISHED: 2021-06-14
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, a...
CVE-2021-21556
PUBLISHED: 2021-06-14
Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, ...