With indoor dining still unavailable in many parts of the country, it makes perfect sense to get dinner to go. But if you’re making a stop at a restaurant, you might want to think twice about using your credit or debit card — because hackers are on the move.
Restaurants make perfect targets for cyberattacks thanks to the sheer amount of credit cards that go through their systems every day. If you can hack a restaurant’s payment system, you’ll get information on everyone that spent money there. Tap or click here to see how a fast-food chain lost the card information for thousands of customers.
And now, another major restaurant chain has been targeted by cybercriminals in a surprise data breach. Payment card information was stolen from the restaurant, and customers from all over the country may be at risk now that the data is showing on hacker forums. If you ate at this restaurant, here’s what you should do.
A a sticky situation for Dickey’s Barbecue Pit
Payment card details belonging to more than three million customers were exposed in a data breach targeting Dickey’s Barbecue Pit — the largest barbecue chain in the country.
The data appears to have been collected directly from the chain’s Point-of-Sale. Anyone who ate at the restaurant between July 2019 and August 2020 is at risk. Data was posted to a hacker forum during the week of October 12. The breach was discovered by Gemini Advisory, a cybersecurity firm that found the stolen cards on a hacker forum called “Joker’s Stash.”
After analyzing the data, Gemini reported its findings to Dickey’s, who released the following statement on the breach:
“We received a report indicating that a payment card security incident may have occurred. We are taking this incident very seriously and immediately initiated our response protocol and an investigation is underway. We are currently focused on determining the locations affected and time frames involved. We are utilizing the experience of third parties who have helped other restaurants address similar issues and also working with the FBI and payment card networks. We understand that payment card network rules generally provide that individuals who timely report unauthorized charges to the bank that issued their card are not responsible for those charges.”
Based on Gemini’s findings, the hackers appear to have compromised a grand total of 156 stores out of 469 nationwide. Most of the restaurants were found in California and Arizona, so residents of these states should take extra caution and contact their banks about potential fraud risk.
The worst part of all this: The cards are being sold for dirt cheap — just $17 a pop!
I ate at Dickey’s! What should I do?
Right now, your main priority is to contact your bank or card issuer and let them know about the potential compromise. The representative can issue you a new card, which will close your old one and prevent its misuse.
If any fraudulent charges have already been made, calling your financial institution sooner rather than later will increase your chances of recovering the money.
If you’re worried about running into cyberattacks like this going forward, one of the best solutions is to use a mobile payment system like Apple Pay and Samsung Pay.
With encrypted mobile payment systems, your card number is never actually shared. This hack only worked because it stole data that came from card swipes. If you don’t have a card on file, there’s nothing for hackers to steal.
Hopefully, more people make the switch to encrypted mobile payments in the near future. Otherwise, these kinds of cyberattacks will become all too common.