Wednesday February 06, 2019

Huddle House Affected by Data Breach in Its Point of Sale Systems

Huddle House has been affected by a data breach in its point of sale system. A third party point of sale (POS) vendor's data system was compromised and hackers used the vendor's tools to gain remote access--and the ability to deploy malware--onto the POS systems at numerous Huddle House franchise and corporate locations. Law enforcement and Huddle House's credit card processor notified the company that it was the victim of a malicious cyber-attack. A malware intrusion was discovered in some point of sale systems at certain corporate and franchised locations. The company immediately contracted an IT and security firm within 24 hours to determine the facts and prevent further attacks.

Huddle House doesn't know how many of its locations were infected with the malware. If you used a payment card at a Huddle House location between August 1, 2017 and present, your payment card information may be at risk. The investigation is still ongoing to determine the scope of this attack. The malware was designed to collect certain payment card information from the magnetic stripe, including cardholder name, credit/debit card number, expiration date, cardholder verification value, and service code. Huddle House recommends that its customers contact the three credit agencies for a free credit report and to notify their banks and card issuer. They even explain how customers can place a security freeze on their credit report.

News Image

In less than 24 hours from learning of the intrusion, we engaged a leading IT investigation and security firm to determine the facts and contain the intrusion and commenced remediation procedures. We have deployed additional IT security measures to reduce the risk of further attacks. Huddle House has worked aggressively with third-party forensic experts and federal law enforcement on this investigation, which is ongoing. Even if you used your payment card at one of the locations involved, it does not mean you will be affected by this issue. Out of an abundance of caution, you may want to review and monitor your payment card statements if you used a payment card at an affected location during the referenced dates. If you believe your payment card may have been affected, please contact your bank or card issuer immediately.

Discussion