Stonebridge Realty Advisors, Inc. suffered a data breach affecting its payment processing systems at the Xebec restaurant between November 8, 2015, and March 26, 2016. The incident involved unauthorized access via malicious software, compromising payment card information of an unspecified number of customers. The breach was reported by the California Office of the Attorney General on May 6, 2016, highlighting vulnerabilities in the company’s point-of-sale (POS) systems. While the exact scale of the breach remains undisclosed, the exposure of financial data poses risks of fraudulent transactions, identity theft, and reputational harm to both the restaurant and its parent company. The attack underscores the persistent threat of cybercriminals targeting payment infrastructure, particularly in hospitality sectors where transaction volumes are high. No evidence suggests broader data exfiltration beyond payment cards, but the incident necessitates heightened security measures, including system audits, malware detection, and customer notifications to mitigate fallout.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-61691
TPRM report: https://www.rankiteo.com/company/stonebridgecompanies
"id": "sto1045090425",
"linkid": "stonebridgecompanies",
"type": "Cyber Attack",
"date": "11/2015",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'unspecified (individuals who '
'made purchases at Xebec '
'restaurant between 2015-11-08 '
'and 2016-03-26)',
'industry': 'real estate / hospitality (restaurant '
'operation)',
'location': 'California, USA',
'name': 'Stonebridge Realty Advisors, Inc.',
'type': 'corporation'},
{'customers_affected': 'unspecified',
'industry': 'hospitality (restaurant)',
'location': 'California, USA',
'name': 'Xebec restaurant',
'type': 'subsidiary/operational unit'}],
'attack_vector': 'malicious software (malware)',
'data_breach': {'data_exfiltration': 'likely (unauthorized access implies '
'exfiltration)',
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['payment card information']},
'date_publicly_disclosed': '2016-05-06',
'description': 'The California Office of the Attorney General reported that '
'Stonebridge Realty Advisors, Inc. experienced a data breach '
'potentially affecting payment card information of individuals '
'who made purchases at the Xebec restaurant between November '
'8, 2015, and March 26, 2016. The breach involved unauthorized '
'access to payment processing systems through malicious '
'software, impacting unspecified numbers of individuals.',
'impact': {'data_compromised': ['payment card information'],
'identity_theft_risk': 'potential (due to payment card exposure)',
'payment_information_risk': 'high',
'systems_affected': ['payment processing systems']},
'initial_access_broker': {'high_value_targets': ['payment processing '
'systems']},
'references': [{'date_accessed': '2016-05-06',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['potential violation of '
'California data breach '
'notification laws (e.g., '
'California Civil Code § '
'1798.82)'],
'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'response': {'communication_strategy': 'public disclosure via California '
'Office of the Attorney General'},
'title': 'Stonebridge Realty Advisors, Inc. Data Breach Affecting Xebec '
'Restaurant Payment Systems',
'type': 'data breach'}