The North Country Business Products (NCBP), a US-based provider of point-of-sale (POS) products, has announced a security breach last week (Feb.15th) that has affected 139 of the 6,500 shops that constitute its client-base, according to a recent press release.
The company said hackers compromised its IT systems and planted a POS malware on the network of some of its customers.
According to the company’s data breach notification, multiple coffee shops, restaurants, and bars from franchises such as Dunn Brothers, Someburros, and Zipps and Sport Grill, were affected by the breach.
The malware infection, which was not named in NCBP’s breach notice, could gain access to cardholder’s names, credit card numbers, expiration dates, and CVVs.
NCBP said it has not received any reports of actual or attempted misuse of this information.
According to the NCBP notice, the breach to their systems occurred on 3rd January 2019. The company said it detected the suspicious activity on its network on the following day and launched a joint investigation with a third-party cybersecurity forensics firm.
“On January 30, 2019, the investigation determined that an unauthorised party was able to deploy malware to a certain number of North Country’s business partners’ restaurants between January 3rd, 2019, and January 24th, 2019, that collected credit and debit card information,” it said.
Since potential customers affected by this breach cannot be contacted, NCBP decided to post a list on its website’s front page.
Dedicated assistance line
The company also set up a dedicated assistance line for customers who want to learn more about this security incident.
“Consumers can call 1-877-204-9537, Monday through Friday (excluding U.S. holidays), 9:00 a.m. to 9:00 p.m. EST,” NCBP said.
The company also said it has updated its systems in order to protect “its business partners’ and customers’ debit or credit card information” from being compromised in the future.
“We encourage you to remain vigilant against incidents of identity theft and fraud, to review your account statements, and to monitor your credit reports for suspicious activity. If you see any suspicious activity, please report it to the bank that issued your credit card.”
The news comes after coffee chain Caribou Coffee disclosed a similar breach last December. The coffee chain said that 239 of its outlets had their POS systems infected with malware.