It seems to be getting more difficult to stay protected from cybercriminals. Even swiping your credit or debit card at a retail location is risky these days. That's because criminals are constantly searching for companies with insufficient security so they can rip us off.
When we use our cards to purchase goods or services, we expect the company to have a secure point-of-sale (POS) system. That's not always the case.
We've just learned of a massive data breach at one of the country's most popular chain restaurants. If you have eaten at this restaurant recently, hackers have your credit card information. Don't forget to share this article with family and friends so they're aware of the situation, simply click the share button on the left-hand side of the page to post it to Facebook.
Did you frequent this popular restaurant recently?
We're talking about the popular restaurant chain, Applebee's. More than 160 Applebee's locations across the U.S. were impacted recently by a POS data breach. The affected locations are owned and operated by RMH Franchise Holdings (RMH).
What's happening is, unauthorized software was installed on RMH's POS system at certain locations. The malware was designed to steal payment card information from guests who swiped their card there.
Here is a list of data potentially stolen by criminals:
- Guests' names
- Credit or debit card numbers
- Expiration dates
- Card verification codes
The exact dates of the data breach vary by location. Most affected locations seem to have been breached sometime between December 2017 and January 2018. RMH has set up a webpage that allows you to check if the location you visited is part of the breach.
On the page, you'll see a drop-down box that contains a list of impacted locations. If you see a location that you've visited, select it and the dates affected by the breach will appear below. Click here to find out which locations were affected.
Image: Example of Applebee's impacted location finder. (Source: RMH)
RMH said that it has been working with security experts to ensure that the breach is contained. It also said that the credit card number stealing malware has been removed from the impacted POS system.
Any time a breach like this occurs there are safety steps you should take, even if you didn't visit the impacted retailer. Continue reading for suggestions on what to do now.
What you can do following this breach
Now that we know credit and debit card numbers have been exposed in this breach, take the following actions:
Keep an eye on your bank accounts
You should already be frequently checking your bank statements, looking for suspicious activity. It's even more critical when credit and debit card information has been exposed through a data breach. If you see anything that seems strange, report it immediately. It's the best way to keep your financial accounts safe. If your card was breached, your bank will issue you a new one.
Set up two-factor authentication
Two-factor authentication, also known as two-step verification, means that to log into your account, you need two ways to prove you are who you say you are. This is an extra layer of security that will help keep your accounts safe. Click here to learn how to set up two-factor authentication.
Investigate your email address
This is a critical step and it will only take a few seconds of your time. You need to know if your credentials are part of any recent data breach. The best way to find out if you're impacted is with the Have I Been Pwned website.
It's an easy-to-use site with a database of information that hackers and malicious programs have released publicly. It monitors hacker sites and collects new data every five to 10 minutes about the latest breaches. You can even set up alerts to be notified if your email address is impacted in the future. Click here to find out if your email address has been compromised.
Change your password
Whenever you hear news of a data breach, it's a good idea to change your account passwords. This is especially true if you use the same credentials for multiple websites. If your credentials are stolen from a breach, criminals can test them on other sites to log into those accounts as well. Read this article to help you create hack-proof passwords.
Beware of phishing scams
Scammers will try and piggyback on data breaches like this. They will create phishing emails, pretending to be from the affected company, hoping to get victims to click on malicious links that could lead to more problems. You need to familiarize yourself with what phishing scams look like so you can avoid falling victim to one. Take our phishing IQ test to see if you can spot a fake email.
Here's another clever credit card scam that you need to watch out for
As much as we would like to think we are on top of our credit card bills, if we are honest with ourselves, most of us probably do not pay as much attention as we should. Sure we check our statement and see how much money we owe, but going line by line, purchase by purchase, is something we just don't have time for.