14 DAY TRIAL // An intrusion on the systems of the Otto Pizza restaurant in Portland, Oregon, caused credit card information of 900 customers to be exposed to unauthorized individuals leveraging an undisclosed point-of-sale (PoS) malware family.
The restaurant says that only two of their locations were impacted, and they learned about the attack from federal authorities that found the information during an investigation.
Customers using their credit or debit cards at the two locations between May 1 and August 13 have been impacted by the incident, their names and the card account numbers being exposed.
No PIN codes, CVV numbers, email addresses or personal passwords have been affected by the breach.
Otto Pizza says that aside from the two restaurants in Portland, systems on other locations (in Maine and Massachusetts) were not attacked. Also, there is no risk for the customers that used their home delivery service.
According to restaurant officials, “less than 3% of credit card transactions made at either location may have been compromised.”
Steps taken to mitigate further risk included disabling the impacted PoS terminals and replacing their data storage units. Moreover, Otto Pizza increased the protection of the systems by installing additional firewall and monitoring software solutions.
State officials have been informed of the incident and the necessary action has been initiated for notifying customers and employees.