Big River Restaurants / Applebee's Franchise Group

RMH Franchise Holdings disclosed that PoS malware had compromised the PoS systems at Applebee's restaurants.

Names, payment card numbers, expiration dates, and card verification codes were gathered using the PoS virus.

The issue affected about 160 restaurants in the states of Alabama, Arizona, Florida, Illinois, Indiana, Kansas, Kentucky, Missouri, Mississippi, Nebraska, Ohio, Pennsylvania, Texas, and Wyoming. about all of RMH's restaurants were affected.

Online payment systems are unaffected by the security vulnerability, and customers who use self-pay tabletop devices are also unaffected.

Source: https://securityaffairs.com/69877/data-breach/applebee-payment-card-breach.html

TPRM report: https://scoringcyber.rankiteo.com/company/big-river-restaurants-applebee's-franchise-group

"id": "big519181223",
"linkid": "big-river-restaurants-applebee's-franchise-group",
"type": "Malware",
"date": "03/2018",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"

{'affected_entities': [{'industry': 'Food and Beverage',
                        'location': ['Alabama',
                                     'Arizona',
                                     'Florida',
                                     'Illinois',
                                     'Indiana',
                                     'Kansas',
                                     'Kentucky',
                                     'Missouri',
                                     'Mississippi',
                                     'Nebraska',
                                     'Ohio',
                                     'Pennsylvania',
                                     'Texas',
                                     'Wyoming'],
                        'name': 'RMH Franchise Holdings',
                        'type': 'Franchise'}],
 'attack_vector': 'POS Malware',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Payment card numbers',
                                              'Expiration dates',
                                              'Card verification codes']},
 'description': 'RMH Franchise Holdings disclosed that PoS malware had '
                "compromised the PoS systems at Applebee's restaurants. Names, "
                'payment card numbers, expiration dates, and card verification '
                'codes were gathered using the PoS virus. The issue affected '
                'about 160 restaurants in the states of Alabama, Arizona, '
                'Florida, Illinois, Indiana, Kansas, Kentucky, Missouri, '
                'Mississippi, Nebraska, Ohio, Pennsylvania, Texas, and '
                "Wyoming. about all of RMH's restaurants were affected. Online "
                'payment systems are unaffected by the security vulnerability, '
                'and customers who use self-pay tabletop devices are also '
                'unaffected.',
 'impact': {'data_compromised': ['Names',
                                 'Payment card numbers',
                                 'Expiration dates',
                                 'Card verification codes'],
            'payment_information_risk': 'High',
            'systems_affected': 'POS Systems'},
 'motivation': 'Financial Gain',
 'title': "POS Malware Compromise at Applebee's Restaurants",
 'type': 'Data Breach',
 'vulnerability_exploited': 'POS Systems'}