North Country Business Products POS (point-of-sale) and security solutions provider announced a data breach that affected hundreds of U.S. restaurants and hotels.
North Country Business Products point-of-sale and security solutions provider announced a data breach, the company is currently used by 6500 customers around the Midwest.
“North Country Business Products, Inc. (“North Country”), today announced that a recent data security incident may have resulted in unauthorized access to payment information of some consumers who used credit and debit cards at its business partner restaurants between January 3, 2019, and January 24, 2019. North Country engaged professionals who have corrected the issue.” reads the data breach notification published by the company.
The security breach exposed payment information for clients who used their credit and debit cards at 137 restaurants.
Most of the affected locations are in Arizona and Minnesota, other were in Louisiana, Iowa, Missouri, North Dakota, South Dakota, Texas, Wisconsin, Tennessee, Oregon, and Ohio.
The PoS firm learned of suspicious activity in certain customer networks on January 4 and immediately launched an investigation with the help of cyber forensics firm. The investigators found a piece of malware in the systems of some of its customers, the infections occurred between January 3 and January 24, 2019.
The malware used by crooks to siphon payment card data (cardholder names, card numbers, expiration dates, and CVV codes) belonging to individuals who used their payment cards at one of the impacted North Country customers.
The list of affected locations is available in a website published by North Country.
“North Country takes this incident and the security of our customers’ information very seriously. The company has updated processes to further strengthen its systems to protect its business partners’ customer debit or credit card information and will continue to work with third-party experts to help ensure the highest levels of security,” continues the data breach notification.
The company set up a specific assistance line to support impacted consumers.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.