According to BankInfoSecurity, the breach occurred in March and April of 2012 and was first suspected when a customer called a Penn Station restaurant to report there was fraudulent charges on his card after he dined at that location. From there, the processor was contacted and the Secret Service became involved in the investigation.
The manner in which the customer credit and debit cards were stolen has not been identified yet. It could be card skimming devises that have been illegally installed at the point-of-sale or by the locations’ cardholder networks being hacked into. Penn Station is keeping their customers informed on their website as the situation progresses.
By not taking action to secure your cardholder data network now you are merely allowing yourself to be a sitting duck, waiting for your turn to get breached. In a recent security report, Trustwave 2012 Global Security Report, it shows that a franchise within the food and beverage industry is of the highest risk of a breach. (According to the report, franchises make up one third of those breached and 44% of all breaches are from the food and beverage industry.) Cybercriminals have zeroed in on the restaurant industry and it is important that merchants take action to protect their establishments now. Do not wait until the day comes that it’s your turn.