Hackers steal 200,000 card numbers from wholesaler

Share this article:
Hackers breached the systems of New York-based food services wholesaler Restaurant Depot, and stole hundreds of thousands of credit and debit card numbers.

How many victims? More than 200,000, according to reports. 

What type of personal information? Names, credit and debit card numbers, expiration dates and verification codes.

What happened? The thieves inserted malware into the company's credit and debit card processing systems, according to a Finextra report. The malware collected card information as it was processed and then sent it to a remote server in Russia.

Details: The breach affected those who shopped at Restaurant Depot wholesale outlets from Sept. 21 to Nov. 18. Some customers have been the victims of credit card fraud as a result of the breach.

What was the response?  The company hired a computer forensic firm to investigate the incident and has taken unspecified steps to better protect card data. Restaurant Depot is offering affected individuals free credit monitoring and said it would reimburse victims for any breach-related costs they “reasonably incur.”

Source: Restaurant Depot letter to customers, Nov. 25, 2011.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.