Burger-slinger Wendy’s admits: Cash-till data breach hit 1 in 20 outlets Wendy’s confirmed on Wednesday that malicious software affected PoS (point-of-sale) devices in around 300 of the burger chain’s 5,500 franchised stores, or about five per cent of all its restaurants in North America. The update on Wednesday quantifies the extent of a previously announced breach and came as Wendy’s announced …
I'll Grant you that one AC.
Crooks OPERATING on American companies seem to be having a field day. "I need a program just to work out who or where to hit next".
The multinational chain mentioned used to serve tasty 'meals' but I suppose it is all sprayed on nowadays.
Of ALL the fast food operations in the U.S., Wendy's has by FAR the highest quality.
Better than home cooked? Well no, of course not. Better than the competition? My stomach is at the age where it tells me very violently and quickly when I've just eaten shit masquerading as food. Wendy's consistently keeps my stomach happy. (except for the chili. you can guess why)
See the other story about Walmart.
The USA still(!) uses swipe machines for payments. When the customer swipes, the number goes through the store's own systems and is authorized by the payment processor. The card details can be skimmed or the store can be hacked and both allow the details to be stolen. And of course cashiers never bother to check the signature so stolen cards are easier to use too.
Chip and pin might not be perfect but it takes the store out of the loop. If the store doesn't secure its database then it's no great loss because the card details aren't in there to steal. All that will be there is some kind of transaction token and little else.
One of the main reasons I hardly ever use my debit card any more - just too much risk in the USA. I finally got a chip enabled card two months ago (only 15 years behind Holland and other countries) but have only been able to use the chip once. Most places still use swipe, even though they have chip enabled PoS terminals - they claim it's not working.
So I use cash for almost everything except the weekly grocery shop.
Ironic because now I only use cash when I'm back in the UK (because no chip and pin on US cards) and increasingly use cash in the US too. However everyone under 30 around me appears to use their debit cards for absolutely everything - including items for less than $1/£1 - madness!
Ups for the lot of you! Don't Panic!
I got my smart-card chop[sic] and pin just this year. About time, I'd say! You know the pad reminds me of the original SD cards, and now the SIM card-style pad. There is only one retailer that seems to be using it now... no surprise, it's Target. Costco, and even the ATM at the issuing back do not yet take the chip/pin combo. Glad Wal*Mart is stepping up to complain. Every retailer should have been ready for this, but it's a slow and uneven process. Reminds me of the promise of fiber-optics in the home we heard those lousy cable companies and phone companies promise, in the 1970s no less! And this was in Silicon Valley. Here it is 2016 and fiber-optics to the home demark is almost non-exsistant. Back to the main point; only 50 of over 5000 shops are actively hacked, and that's from a total of only 330 shops with the malware? Some fucking hack. Barely scratched the surface, and I'm pretty sure I used my debit card in a Wendy's a couple time in the past 6 months, so here's what I plan to do; NOTHING! This is a small-time baby-hack and easily thwarted by just making a single examination of my next bank statement. Crisis averted. Situation normal, we're fine here. How are you?
There is only one retailer that seems to be using it now... no surprise, it's Target.
WalMart is using the chip readers. So is PetCo, Lowes, the local gas stations, and Tractor Supply, to name just a few.
Not sure if you're in a crappy area, in crappy stores (given Target, it seems likely), or just have bad luck...
On the extreme Western city limit of the former North York, Toronto, sits a nondescript building, just south of the former Workplace Safety and Insurance Board Hospital campus.
One day, not so long ago, an open envelope was placed on the Receptionists Desk awaiting pick-up by a rep from a chip fabricating outfit. It had the code for the new range of POS terminals.
The contents were found to be missing and to avoid a hue and cry the R & D department quietly ran off another copy and nothing was said.
After the new terminals were introduced many were hacked, using the information in the envelope. The losses were 'minimal' - under $100-million - and it was decided by the customers the protocol would be re-written and resulted in new encryption chips being designed and the hack defeated.
How do I know? As an early attendee to the building each day one of my duties was to retrieve the re-issued manufacturing data each day.
Leaks can happen under the strangest circumstances!
If the firmware in POS devices was unique and not based on any existing OS. And it's communications protocol ought to be unique as well. Thus standard malware's could installed since the device would not understand anything not written in its own language. Oh but malcontents would reverse engineer them and see what them go. Guess we'll just have to use cash from now on.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
