PoS malware has infected the Catch Hospitality Group’s payment systems

Recently, the Catch Hospitality Group has been attacked by malware, and the payment systems (POS) of several restaurants in its chain have been infected with malware. The Catch Hospitality Group hired a cybersecurity company to investigate security breaches after detecting unauthorized activity on certain payment processing systems. It is understood that the malicious code is designed to steal customers’ credit card information, including card number, cardholder name, certificate validity period, and internal verification code.

The group noted that not all POS devices were infected and that the Catch Hospitality Group used two types of POS devices in its restaurant chains. One is portable for waiters to order at the table, and the other is fixed equipment in the bar. Research shows that portable POS devices are not affected because they use point-to-point encryption.

Currently, the group announced that it has removed the malware and upgraded security measures for its payment system.  The Group also recommends that customers check their payment cards for abnormal consumption bills as soon as possible and report them to the card issuer as soon as they are found.

Via: securityaffairs