SevenRooms, a customer management (CRM) platform provider for restaurants, has confirmed that a cybercriminal managed to obtain sensitive customer data from their terminals (opens in a new tab).
In a statement to BleepingComputer, a company spokesperson said it "recently learned that a third-party file transfer interface was accessed without permission."
"This may have affected certain documents transferred to or by SevenRooms, including the exchange of (now expired) API credentials and certain guest data, which may include names, email addresses, and phone numbers."
The company also said its systems were not directly hacked in the incident: "We immediately disabled access to the interface, launched an internal investigation, and currently have no evidence that any SevenRooms proprietary databases were affected," the spokesperson said. .
"We have engaged independent cybersecurity experts to assist us with this investigation and will provide additional updates as necessary." The company did not say which company was contracted to perform the forensic analysis.
However, anyone who managed to break into the database later announced it on the Breached hacking forum, posting a thread saying they had a 427GB backup database, containing thousands of files with information about the SevenRooms clients.
According to BleepingComputer, the company's clients include MGM Resorts, Bloomin' Brands, Mandarin Oriental, Wolgang Puck and others. The customer list is quite long, and while SevenRooms didn't specify which businesses were affected, we can only wait for the individual restaurants to provide more details.
The attackers published a sample containing API keys, promotional codes, payment reports, and booking lists, among other things. Payment data, such as credit card information, bank account data, social security numbers, or the like, were not compromised as they are not stored by the company on the affected servers, a- It was added.
Via: BleepingComputer (Opens in a new tab)