The sandwich chain Jimmy John’s confirms credit card data breach at 216 of its stores. Both customer debit and credit card information seem to have been compromised. “An intruder stole log-in credentials from the company’s point-of-sale vendor and used these credentials to remotely access the point-of-sale systems at some corporate and franchised locations”, reports the story on Kreb’s.
A listing published by Jimmy John’s shows the store number, location and the date ranges when the compromises could have taken place. The point-of-sale vendor has been reported as Signature Systems.
Lately, several breach stories have been taking place because of insecurities surrounding POS systems. One being remotely accessing POS systems, and the second being use of common passwords without adhering to strict password policiies.
Read data security incident press realease from Jimmy John’s