Incident Of The Week: 567K Accounts Exposed In Cheddar’s Restaurant Breach

Nationwide Chain Suffers Pervasive Data Breach



Dan Gunderman
08/24/2018

In the dynamic world of cyber security, breaches are both tightly guarded and, sadly, imminent.

Combing through data, market research and threat-defense efforts taken by enterprises can be a daunting task. Here at Cyber Security Hub, we both track the latest industry news and make it more navigable for the IT professional. Cyber Security Hub coverage extends outwards – as it helps enterprises batten down their proverbial hatches.

In this edition of “Incident of the Week,” we examine a data breach at Cheddar’s Scratch Kitchen, a chain restaurant owned by Darden Restaurants (since 2017). In the malicious event, as many as 567,000 credit card numbers were “exposed.”

According to News & Observer, that number could climb as Darden assesses the scope of the breach.

According to a post on its website, Cheddar’s Scratch Kitchen learned of a breach on Aug. 16, 2018; the company said between Nov. 3, 2017 and Jan. 2, 2018, an “unauthorized person or persons gained access to the Cheddar’s…network and were able to access and potentially obtain payment card information used to make purchases in certain Cheddar’s Scratch Kitchen restaurants.”

See Related: Incident Of The Week: Indian Bank Loses $13.5M In Costly Cyber-Attack

Cheddar’s went on to list the following affected states: Alabama, Arizona, Arkansas, Delaware, Florida, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Michigan, Missouri, Nebraska, New Mexico, North Carolina, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia and Wisconsin.

Upon learning about the breach, the company engaged a third-party cyber security firm to investigate. The chain restaurant noted that its current systems and networks were not impacted.

The post continued: “The unauthorized access appears to have occurred on a network that was permanently disabled and replaced by April 10, 2018.”

See Related: Incident Of The Week: Attackers Breach Reddit Via SMS Intercept

The cyber-attack on the large organization reportedly impacted payment card information – including card numbers. In response, the company reemphasized: “We take the privacy and security of your personal information very seriously… As an added precaution, we have arranged to have ID Experts provide identity protection services at no cost to those individuals who may have been affected by the incident.”

In the wake of the attack, and as the company handles the incident response, it offered the following advice:

  • “Remain vigilant and take steps to protect yourself from identity theft by reviewing your account statements and by checking your credit report from one or more of the national credit reporting agencies periodically.”
  • “We also recommend that you consider placing a fraud alert on your credit files.”
  • “You may also add a security freeze to your credit report file to prohibit a credit reporting agency from releasing information from your credit report without prior written authorization.”

Altogether, the Cheddar’s breach – impacting over half a million accounts – shows that the "mega-breach" is still lurking in the wild. Without proper protocols, codified plans and controls (think multi-factor authentication, third-party risk requirements, access controls for various environments, etc.), your enterprise could be the next one dragged through the mud.

Be Sure To Check Out: Incident Of The Week: Cosco Shipping Faces Ransomware Attack

RECOMMENDED