Hackers tap diners' data
Jan 11, 2013 (South Bend Tribune - McClatchy-Tribune Information Services via COMTEX) --
Amy Weeks and her family treated themselves to lunch Jan. 1 at the Hacienda restaurant at Erskine Village in South Bend to celebrate the start of the new year.
A few days later, her husband started noticing some unusual charges made with their debit card -- the same card the Mishawaka couple used to pay for their lunch.
The bank later confirmed their suspicion: Someone had stolen their debit card number when it was swiped at Hacienda.
About $583 in unauthorized purchases were made in Florida and London.
The Weekses are not alone.
An unknown number of credit and debit card numbers were stolen from two Hacienda locations in late December and early January because of a security breach, said Jeff Leslie, vice president of sales and marketing for the South Bend-based company.
International criminals are suspected of hacking into Hacienda's computer system and stealing card numbers swiped during that time at two restaurants: 4650 Miami St., South Bend, at Erskine Village; and 1099 N. Karwick Road, Michigan City.
Based on information Hacienda has received from restaurant customers, it appears credit and debit card numbers were stolen between Dec. 23 and Jan. 4, and the restaurant is urging its customers who might have dined at those two locations to pay attention to their statements.
Credit and debit card companies typically reimburse accounts for fraudulent charges, but that can take some time. The Weeks family had enough money in savings to move over to their checking account to cover their outstanding debit card charges until the matter is resolved.
"But I know many families don't have this option," Weeks said. "I'm pleased that the bank handled it the way they did, but it makes me leery to use my debit card in the future."
Hacienda has hired an international security analyst company to investigate.
Leslie said investigators believe an organized criminal ring out of Russia stole the information and used it on duplicate cards that they produced and then sold.
Restaurant officials expect to have more details of the breach available next week, including exactly when the breach started and how many credit and debit cards have been affected.
"This kind of crime creates such a sad situation, for us and our guests. We have layers of passwords, firewalls, spyware and encryption," Leslie said. "But they (thieves) seem to have the ability to stay one half-step ahead."
Immediately after learning about the breach, Hacienda officials cut access to its computer system at 5:30 p.m. Jan. 4, Leslie said.
The system remains offline while security experts examine information from the company's hard drives.
"Now we're handling credit cards through an old-fashioned modem. It takes a few seconds longer for the customer," Leslie said.
And American Express cards cannot be accepted right now because of the modem system, he said.
"We also can't communicate with our restaurants about sales numbers and information that helps us monitor sales and make decisions, but we can live with that," Leslie said.
The company operates 12 Hacienda Mexican Restaurants in Indiana and six La Senorita Mexican Restaurants in Michigan.
The worst part of the situation, Leslie said, is the hassle the breach has created for some local customers.
"Anything we could have done differently to keep this from happening we would have," Leslie said. "But we are confident they did not get into any other locations."
Staff writer Heidi Prescott:
___ (c)2013 the South Bend Tribune (South Bend, Ind.) Visit the South Bend
Tribune (South Bend, Ind.) at www.southbendtribune.com Distributed by MCT
[ InfoTech Spotlight's Homepage ]