Payments Giant NCR Hit by Ransomware

Tuesday, 18 April 2023
ransomware.jpg

Payments giant NCR has revealed that it has been stung by ransomware, following several days of investigations into an "issue" discovered in its 'Aloha' point-of-sale system on April 12th. Three days after the incident, the company released a public disclaimer stating that Aloha applications for a subset of its hospitality customers had been impacted by an outage at their data centre in Hawaii.

"On April 13, we confirmed that the outage was the result of a ransomware incident," reads a notice published by the payments giant. "Immediately upon discovering this development, we began contacting customers, engaged third-party cybersecurity experts and launched an investigation. Law enforcement has also been notified."

NCR also claimed that restaurants impacted by the breach will still be able to serve their customers, with only "specific functionality" being impaired and noting that there is "no impact to payment applications or on-premises systems." However, Claroty CRO Simon Chassar notes that ransomware on PoS platforms can substantially harm firms in the hospitality industry.

"Our research shows that 51% of the food and beverage sector reported substantial disruption when hit by a ransomware attack in 2021," Chassar said. "Moreover, these attacks can cause significant financial losses for organisations, with more than a third stating that the revenue impact of operational disruption would be at least one million dollars per hour."

Chassar drew attention to the fact that as the hospitality sector employs more cyber-physical systems organisations are becoming increasingly exposed to new cyberattacks, which could lead to costly operational downtime. "Businesses must have visibility across their entire network for all assets connected to understand their risk posture and provide patches to critical assets such as operational technology (OT) and IoT devices," Chassar noted. "It is also essential to segment their networks to restrict unnecessary connectivity and the movement of malware to mitigate the impact of cyberattacks."

Enjoyed this article? Please consider donating!
Donate
* Alpha Safe journalism is funded exclusively by your donations. We care about your online safety, so we will never display ads, as they could serve you malicious content. We also believe journalism should be available for all, and will never hide our articles behind a paywall. As such, your donation would be very much appreciated.

Most Recent

31 July 2023

Hell Pizza Suffers Credential Stuffing Attack

14 July 2023

Wellington City Council Data Breach

8 July 2023

Event Secretary Data Breach

2 July 2023

TSMC Data Breach; Hackers Demand $70m Ransom

27 June 2023

Suncor Energy hit by Giant Cyberattack

21 June 2023

Kiwis Losing $2M Every Month To Cybercriminals

18 June 2023

Eftpos Provider Smartpay Suffers Ransomware Attack

17 June 2023

Colossal Louisiana Driver Licencing Data Breach

14 June 2023

Russian Hackers Breach Ulez Database

9 June 2023

Thousands of Companies' Data Stolen Through MOVEit Flaw