Malware hits Tim Hortons payment systems, shuts down dozens of restaurants
The company said the malware hit less than 100 locations
Malware hit Tim Hortons, a popular Canadian-based restaurant chain that specializes in coffee and donuts, causing dozens of stores to close across Canada.
The attackers hit the Panasonic cash registers that the chain uses. Initially the company told the Globe and Mail that the virus hit fewer than 100 locations.
That may not be entirely accurate.
“A source close to the issue told HuffPost Canada that as many as 1,000 Tim Hortons locations may have been impacted, amounting to roughly a quarter of all Canadian locations. Some locations were forced to close, while others had to shut down their drive-throughs.”
There’s very little concrete information about the actual malware that affected Tim Hortons, though it does appear as if the malicious code was designed to target cash registers, which, in turn, made them unusable.
And now, the Great White North Franchisee Association (GWFNA) – a name that probably wouldn’t last very long in the US – is preparing to sue Restaurant Brands International. The GWFNA represents the franchise owners, while the RBI is the actual operator of Tim Hortons.
The GWFNA is looking to recover lost revenue and damages for the loss of confidence in the brand.
“The business interruption includes inability to use some or all of the … issued cash registers and [point of sale] terminals, causing partial and complete store closures, franchisees paying employees not to work, lost sales and product spoilage,” said the GWFNA in a statement from the law firm Himelfarb Proszanski.
The GWFNA called the incident a “failure” and also noted that this is the second hit to Tim Hortons’ reputation, following an ugly incident where a pair of franchises owned by the founder’s children looked to offset a minimum wage increase by cutting employees’ paid breaks and requiring them to pay a greater share towards their benefits.
RBI has stated that no financial information was lost in the breach.
However, there’s still a lot left to consider when it comes to this situation. Issue number one will be culpability. If, like in the Equifax breach, lax security is the issue then RBI and Tim Hortons may be in some trouble. One of the mitigating factors will be the fact that no sensitive data was compromised. However, if updates were missed and warnings were ignored, then this is going to be squarely on Tim Hortons’ shoulders.
As for the actual damages, it looks like the biggest hit will come to Tim Hortons’ reputation. However, that will likely blow over much as it has with other large brands that run into these kinds of issues.
Regardless, the chain is going to need to be proactive in hardening its cyber defenses from here on out, lest this happen again.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown