A Point of Sale (POS) solutions provider has revealed it was hacked last month, leading to data slurping malware being placed on the networks of multiple clients across the US.
Minnesota-based North County Business Products said in an updated notice this week that the incident may have resulted in the theft of card data from customers at over 130 locations.
Among the list of businesses affected are a significant number of Dunn Brothers Coffee, Zipps Sports Grill and Someburros outlets.
“On January 4, 2019, North Country learned of suspicious activity occurring within certain client networks. North Country immediately launched an investigation, working with third-party forensic investigators to determine the nature and scope of the event,” it revealed.
“On January 30, 2019, the investigation determined that an unauthorized party was able to deploy malware to certain of North Country’s business partners restaurants between January 3, 2019, and January 24, 2019, that collected credit and debit card information. Specific information potentially accessed includes the cardholder’s name, credit card number, expiration date, and CVV.”
It should be noted that not all of the locations listed were affected for the full 22 days.
It’s unclear exactly how the hackers breached North County’s systems initially, or what POS malware strain was used to infect the networks of its clients.