If there is one thing the credit card breaches in the past have taught companies, it is that they have a long way to put in place more robust security measures. That was nowhere near more clear than in the recent discovery of a credit card breach incident that affected customers of Noodles & Company, a popular restaurant chain with hundreds of outlets in the United States.
So if you have recently dined at one of the company’s branches in any location, chances are you might have just been exposed to potential hacks to your credit card. Noodles & Company admitted the data breach, which reportedly took place since January 2016 to date, during which time the credit cards of customers have been charged in a fraudulent manner.
The incident marks the latest development in the cyber attacks that target point of sale terminals at various retailers. Security researcher Brian Krebs first broke the report on the breach.
Noodles & Company acknowledged that it has begun to launch an investigation into the incident after it received a report from its credit card processor. The company is currently working with third-party forensic experts along with law enforcers to look into the breach, find out its scope and determine how many customers may have been affected.
The Noodles & Company credit card breach also highlights the growing interest of hackers in the high street retail industry. The trend is that the attackers are taking advantage of the security flaws in a system or employing social engineering tactics to force its way into installing malware in the target system or network, in this case, retail point-of-sale systems. It enabled attackers then to view account data belong to Noodles & Company customers, especially the sensitive information on the card’s magnetic stripe which is being swiped off the card when it hits the register.
Currently, financial institutions in the United States are adopting the more secure chip-based credit and debit cards. The chip is designed to encrypt the card information so that it becomes difficult for attackers to see what data is on the card. But the transition phase seems to be taking long.
Is it all safe? Well, not entirely. Chip-based cards will still retain the card data in plain text on the magnetic strip. This will cause trouble to retailers because they will be liable when transactions using these chip cards are later found to be fraudulent.
Noodles & Company promises to implement the chip-based card reader soon, but too late perhaps.