QSLPA Investments of Ohio, which operates restaurant Quaker Steak & Lube, has disclosed a security breach that exposed payment card records of its customers.
The breach is associated with the restaurant that utilises Midwest POS Solutions’ POS system.
The payment card breach at the restaurant is said to have compromised card name, number, expiration date, and/or CVV.
The incident is said to have occurred from 4 July 2019 to 6 September 2019.
The revelation about the breach is the result of some alerts, which flagged unusual payment card activity.
This triggered a probe, which engaged third-party forensic investigators, and detected malicious software used on the restaurant’s POS device.
“It was further determined that Midwest POS credentials were used to remotely access the point of sale system at this location, which allowed an unauthorised actor to deploy the malicious software into the point of sale system,” QSLPA noted.
QSLPA said that it has installed tools to remove any malware. It also reported the issue to law enforcement agencies, along with Visa, MasterCard, Discover, and American Express.
Payment card breaches have been rampant in the US lately.
Last week, convenience store chain Rutter’s too disclosed a payment card breach that was caused by malware planted in its POS systems. The breach affected over 70 locations.
Moreover, last month, 30 million payment card records hacked from convenience store chain Wawa were put up for sale on the dark web.