Cheddar Scratch Kitchen Exposes Card Data of Over 500,000

Restaurants in 23 states are on the list of Cheddar Scratch Kitchen locations affected by a cyberattack that exposed payment card information.

Darden Restaurants, who acquired Cheddar in March 2017, received on August 16 an alert from federal authorities regarding the possible compromise of a point-of-sale (PoS) system.

The amount of card details (numbers included) that may be available for sale on the dark web at the moment is estimated to be 567,000.

Early investigation details showed that between November 3, 2017, and January 2, 2018, the cybercriminals accessed the Cheddar Scratch Kitchen network. 

In a press release announcing the incident, Darden Restaurants says that the compromise occurred on a point-of-sale (PoS) system that has been disabled and replaced since at least April 10, 2018. This means that the current payment systems and the network of the franchise are not affected.

Guests in 23 states that made card payments at Cheddar locations during the three-month interval of the compromise are advised to activate their identity protection services offered by at no cost by the franchise.

The recommendation for those that may be impacted by such incidents is to keep an eye on their credit reports and announce any detail that is out of place. Inaccurate information that could be confused for mistakes, such as a different social security number or home address, may be a clear sign that someone is trying to use your identity to file for bank credit.

Card numbers are big business on the black market. Depending on the information that accompanies them and the type of card, cybercriminals can sell the data for at least $7 for each entry.

If they offer complete details from both tracks, known as ‘fullz,’ they can get as much as $100 for cards from Visa and Mastercard with higher credit limits (Gold, Platinum, Business). Now multiply this by 567,000.

A report this year from Armor reveals that the value of US credit cards on the dark web is on a downward trend. A potential reason is a constant availability of this product.