A few weeks ago, we got to know of a massive breach at a US-based restaurant affecting around half a million customers. Once again, a similar incident occurred at US-based restaurant Burgerville. The restaurant allegedly exposed customers’ card data to attackers who allegedly belong to the infamous Fin7 group.
Burgerville Disclosed Data Breach
According to the information disclosure on the website of Burgerville, the restaurant suffered a cyber attack affecting a number of customers. The hackers allegedly placed malware on the restaurant’s systems through which they continued to extract customers’ payment data.
Burgerville first came to know the breach on August 22, 2018, after an FBI report. They then continued cooperating with FBI alongside conducting their own investigations to find the extent of the breach. They reportedly found continued access by the hackers on their systems up until September 19, 2018.
Regarding the data compromised during the incident, the restaurant stated,
“Over the course of the investigation, it was determined that some of Burgerville’s customers’ credit and debit card information, including names, card numbers, expiration dates, and the CVV numbers found on the back of most cards may have been compromised.”
They confirm that personal data remained safe during the breach.
Fin7 Hacking Group Held Responsible
Burgerville have named the infamous hacker group Fin7 responsible for this attack. As stated in their FAQs, the U.S. Dept. of Justice issued a press release on August 1, 2018, in which they pointed out a “wave of attacks” affecting several firms located in Western Washington. That includes Burgerville too.
Presently, they have not specified the number of affected customers by this incident. They again hold Fin7 responsible for it.
“This was a sophisticated attack in which the hackers effectively concealed all digital traces of where they have been. However, in an abundance of caution, Burgerville recommends that anyone who visited their restaurants between September 2017 and September 2018 should consider that their data may have been compromised.”
Nonetheless, they did explain the reason for such late disclosure of the breach. As stated, they completed the “remediation process” on September 30, 2018, only. They had to hold the disclosure until then to not alert the hackers.