Dickey's Barbecue Pit, a restaurant franchise with 156 locations across 30 states, was hit by a malware-based point-of-sale data breach. The details of the breach surfaced after Gemini Advisory, a cybersecurity firm, found the stolen cards on Joker’s Stash, a hacker forum for stolen payment data. The data was traced back to the compromised point of purchase (CPP): Dickey’s Barbecue Pit.
It's believed payment systems were compromised by card-stealing malware, with the highest exposure believed to be in California and Arizona. According to Gemini, the transactions are believed to have been made with magstripe cards, and the breach could have occurred on a single central processor. Reports indicate that since about mid-2019, credit card data from roughly 3 million payment cards was stolen. The more than 3 million credit cards are believed to stem from 35 states, spanning a time frame of over a year.
The Potential Fraud Fallout from the Breach
The hacker forum reportedly announced that a majority of the cards are still active and in good standing, which indicates that many financial institutions, along with potentially impacted cardholders, may be unaware of the impact. Financial institutions should be taking measures to proactively prevent any future fraudulent activity on potentially impacted cards.
Gemini Advisory reports the payment transactions were made using magstripe cards, which could mean that some of the POS payments may not have been chip-and-PIN compliant or the transactions were swiped instead of inserted. Dickey’s is a franchise and, unlike a chain, allows each individual location to choose its own point-of-sale payment processing device. It’s believed that the breach was linked to a single central processor that was used by over a quarter of all Dickey’s locations.
- These point-of-sale malware breaches underscore the importance of relying on fraud tools that use predictive technology to proactively stop compromised card fraud originating from breached POS devices.
- Knowing which merchants are risky, identifying them early, and having a mechanism to write more effective rules on those merchants is particularly helpful for financial institutions trying to determine where their greatest fraud risks exist in order to lower fraud costs.
What Financial Institutions Can Do About the Breach
- Manually identify the list of cards that may have been compromised.
- Determine which cards to re-issue, which cards to write decision rules against, and which cards to monitor based on mitigation strategies.
- Continue monitoring the velocity of fraud from compromised cards to adjust strategies.
- Be on the lookout for additional news and developments on this breach.
- Monitor potential fraud in real time to get ahead of incidents before they spread.
- Track the fallout of the breach to identify potential incidents from compromised data.
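The first three steps in the list above (identify exposed cards, decide an action per card, track fraud velocity) are shown here as an added Python example that is not part of the original article. The merchant ID, card tokens, dates, exposure window and triage policy are all constructed assumptions, not data from the breach.

```python
from collections import Counter
from datetime import date

# Constructed sample data: identifiers, dates and the window are assumptions.
BREACHED_MERCHANT = "MERCH-BBQ"                      # hypothetical merchant ID
WINDOW = (date(2019, 7, 1), date(2020, 8, 31))       # assumed exposure window

TRANSACTIONS = [  # (card_token, merchant_id, date, entry_mode)
    ("tok_A", "MERCH-BBQ", date(2019, 9, 3), "swipe"),
    ("tok_B", "MERCH-BBQ", date(2020, 2, 14), "chip"),
    ("tok_C", "MERCH-BBQ", date(2019, 5, 20), "swipe"),    # before the window
    ("tok_D", "MERCH-OTHER", date(2020, 1, 9), "swipe"),   # different merchant
    ("tok_E", "MERCH-BBQ", date(2020, 6, 30), "swipe"),
    ("tok_F", "MERCH-BBQ", date(2020, 3, 8), "swipe"),
]
FRAUD_REPORTS = [  # (card_token, date fraud was confirmed)
    ("tok_A", date(2020, 10, 12)),
    ("tok_F", date(2020, 10, 12)),
    ("tok_D", date(2020, 10, 13)),
]

def exposed_cards(txns, merchant, window):
    """Cards used at the breached merchant inside the exposure window.
    The value records whether any of those uses was a magstripe swipe."""
    start, end = window
    exposed = {}
    for card, merch, day, mode in txns:
        if merch == merchant and start <= day <= end:
            exposed[card] = exposed.get(card, False) or mode == "swipe"
    return exposed

def triage(exposed, fraud_reports):
    """Assign each exposed card an action (assumed policy, tune per institution)."""
    fraud_cards = {card for card, _ in fraud_reports}
    plan = {}
    for card, swiped in exposed.items():
        if card in fraud_cards:
            plan[card] = "reissue"         # fraud already confirmed
        elif swiped:
            plan[card] = "decision_rule"   # magstripe data exposed, no fraud yet
        else:
            plan[card] = "monitor"         # chip-read only at this merchant
    return plan

def fraud_velocity(exposed, fraud_reports):
    """Confirmed-fraud count per day, restricted to exposed cards."""
    return Counter(day for card, day in fraud_reports if card in exposed)

if __name__ == "__main__":
    cards = exposed_cards(TRANSACTIONS, BREACHED_MERCHANT, WINDOW)
    print(triage(cards, FRAUD_REPORTS))
    print(sorted(fraud_velocity(cards, FRAUD_REPORTS).items()))
```

Re-running `fraud_velocity` as new fraud reports arrive gives the daily trend used to adjust the re-issue and rule decisions.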