Huddle House Fast Food Chain Suffers Data Breach in POS System

Published on: February 06th, 2019

Fast food restaurant chain Huddle House has disclosed that they were affected by a data breach in the point of sale system at some locations that allowed attackers to steal payment information.

According to a security notification released on February 1st, point of sale systems at various Huddle House locations were infected with malware that allowed attackers to steal credit card information that used to purchase food at the restaurant.

“Huddle House locations were recently the target of malicious cyber activity involving some corporate franchisee-operated restaurants,” stated Huddle House’s security notification. “Criminals compromised a third-party point of sale (POS) vendor’s data system and utilized the vendor’s assistance tools to gain remote access—and the ability to deploy malware—to some Huddle House corporate and franchisee POS systems. Huddle House was notified by a law enforcement agency and its credit card processor that some of its corporate and franchise locations may have been victims of a malicious cyber-attack.”

The notification went on to say that the chain first heard about their compromise when law enforcement and their credit card processor contacted them and stated that they may have been a victim of a cyberattack.

As they are still conducting an investigation, it is not currently known how many locations or customers have been affected, but if you have used a credit card at Huddle House between August 1st, 2017 and the present, your card information may be at risk.

The type of malware that was installed on the POS system has not been disclosed, but Huddle House has stated it was designed to “collect certain payment card information from the magnetic stripe, including cardholder name, credit/debit card number, expiration date, cardholder verification value, and service code.”

At this time, Huddle House is working with a third-party forensics company and law enforcement to further investigate their breach. They strongly advise all customers to monitor their credit card statements for unusual activity and if detected to report it to their credit card company.

If you had recently used your credit card at Huddle House, the best and safest course of action may be to contact your credit card company so that they are aware of the situation and to possible get a new card.