CiCi’s Pizza, a Texas-based restaurant chain with more than 500 locations in 35 states, may have become a victim of cyber criminals who gained access to CiCi’s customer payment card information. CiCi’s has yet to confirm a data breach.
Reporter Brian Krebs writes that banks have found a pattern of credit card fraud that strongly suggests a payment systems breach at CiCi’s “in the last few months” and “at various locations.”
As with many of the recent large retailer data breaches, the point of entry for the breach was the point of sale terminal. But in this case, the criminals used a low-tech method of obtaining access to the sensitive material:
The data available so far suggests that hackers obtained access to card data at affected restaurants by posing as technical support specialists for the company’s point-of-sale provider, and that multiple other retailers have been targeted by this same cybercrime gang.
More details on this suspected breach on Krebs’ blog.