Two lawsuits have been filed in Louisiana after point-of-sale (POS) systems in restaurants were allegedly hacked via keylogger, resulting in the exposure of some 100,000 credit cards.
According to a news report posted yesterday in The Advocate, lawsuits in Lafayette and Baton Rouge named Radiant Systems -- maker of the Aloha POS -- and Computer World, which installed the systems.
The suits allege that Radiant and Computer World represented their POS systems as PCI-compliant and current when, in fact, the systems used older software that contained security flaws, according to the report.
One of the suits also alleges that Computer World installed a faulty remote access system on more than 200 systems across the state, the report says. In each location, Computer World allegedly used the same password: "computer."
Computer World also allegedly failed to remove prior customer credit card information from the systems before installing them, according to the suit.
In a statement published by The Advocate, Radiant said its policy is not to comment on the details of pending litigation.
"What we can say is that Radiant takes data security very seriously, and that our products are among the most secure in the industry," the statement says. "We believe the allegations against Radiant are without merit, and we intend to vigorously defend ourselves."
According to the news report, at least one of the 17 restaurants involved in the suits has gone out of business since the hacks took place. The Secret Service estimates the breaches have so far cost local banks at least $1.2 million.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio