UPDATED 21:52 EST / FEBRUARY 04 2019

SECURITY

Restaurant chain Huddle House hacked in point-of-sale attack

Huddle House Inc., a restaurant chain with more than 300 locations across the U.S. Southeast, has advised that customer data has been stolen in a point-of-sale attack.

The hack, first detected by a credit card provider Jan. 3 but believed to date back to August 2017, involved malware installed in POS terminals.

“Criminals compromised a third-party POS vendor’s data system and utilized the vendor’s assistance tools to gain remote access — and the ability to deploy malware — to some Huddle House corporate and franchisee POS systems,” Huddle House said in an advisory Friday to customers.

The company didn’t specify how many locations may have been affected or the extent of the data breach, but it said that “if you used a payment card at a Huddle House location between Aug. 1, 2017 and present, your payment card information may be at risk.” Customers are being advised to review their account statements and monitor credit reports for suspicious activity.

Stephen Moore, chief security strategist at Exabeam Inc., told SiliconANGLE that the breach went undetected much longer than it should have.

“Frequently, an intrusion is detected by a notable change, such as a rapid increase in network traffic, a suspicious system login location or time, or the unusual export of sensitive information,” he explained. “But not all attacks have an obvious pattern. Often adversaries who have gained access to a network are conducting a ‘low and slow’ attack. This is where they carefully and methodically move laterally across devices and users so as not to attract attention — doing reconnaissance and strategizing on how best to exfiltrate data.”

Moore said there are ways to detect attacks such as this.

“Machine learning security approaches can make it fast and easy to find anomalous and suspicious user and device behavior,” Moore noted. “Its algorithms can baseline normal behavior in your network environment, then alert your security team whenever anomalous activity occurs. With the increasing sophistication and worsening impacts of mega data breaches, now is the time for organizations to implement smarter security management solutions.”

POS attacks targeting retail businesses and restaurants are fairly common. Previous examples include Forever21 Inc., Whole Foods Market, Chipotle Mexican Grill Inc., Wendy’s Co. and Sonic Corp.

Photo: bluemaumau/Flickr
