In December of 2011, four Romanian nationals were arrested for allegedly hacking into hundreds of U.S. retailers’ point-of-sale (POS) machines, including machines belonging to popular fast-food chain Subway. According to an article in Wired magazine, the hackers accessed the POS machines remotely and used keystroke-logging software to steal sensitive information – including credit/debit card and gift card numbers – from more than 80,000 customers.
Investigators are still trying to determine if the hackers responsible for the December 2011 Subway hacking are also responsible for hacking into the POS systems of several restaurant chains in Louisiana and Mississippi in 2009. In that case, just like the 2011 case, hackers broke into POS systems to steal credit and debit card information.
In both cases, hackers accessed the retailers’ POS systems remotely, and they breezed through the security systems by guessing passwords. (This may not have been that hard – in the 2009 incident, one of the remote-access passwords was “computer.” The username? “Administrator.”)
The lesson here? When it comes to hacking, every company is at risk. It doesn’t matter if you’re an oil company in the Middle East or a Subway restaurant in an American strip mall. If you use technology to do business, you have to make sure that sensitive information is protected. Change your passwords regularly. Update your security often. Don’t assume that you’re immune just because you’re selling sandwiches instead of oil and gas or healthcare technology.
Do you think most American companies are serious about tech security? Do you get nervous swiping your credit or debit card at a POS machine? Weigh in below!