Report: Remote Access Breach Hits Delaware Restaurants

An attack leveraging security holes in remote access software (which, in turn, attacks another security hole in the POS system) has been working its way through quite a few Delaware restaurants, according to an advisory issued by the Delaware Restaurant Association.
The advisory specifically mentioned remote access software LogMeIn, a popular program among both restaurants and cyberthieves. The easier the stores make it for managers to remotely handle payment transactions, the easier it’s also for thieves. Sometimes, the thieves leverage—or sometimes are—former employees familiar with access procedures.
According to a report in BankInfoSecurity, the alert said: “The Delaware Restaurant Association is responding to reports from members that there may have been a breach of consumer credit card information in Delaware. Initial reports and E-mails show that the breach may have been linked to the remote access software LogMeIn, typically used in conjunction with restaurant POS systems. We ask that all members revisit PCI compliance standards. Specifically, we ask that you exercise extreme caution when using remote access and ensure that an individual or company not have access without two-factor authentication. We will continue to report any information that is given to us.”
The story also said that association had identified the three largest POS systems used by Delaware restaurants as Micros Systems, Aloha POS and Digital Dining.