Back to Data theft

Data theft

Payment information stolen in security breach at North Country Business Products.

North Country Business Products (NCBS) is a Minnesota-based point-of-sale systems provider. With over 16 locations and over 6,500 customer sites, NCBS delivers and supports complex technology solutions for retail and hospitality customers nation-wide.

Last month, NCBS revealed that 135 business partner restaurants were infected with malware that hackers used to steal debit and credit card data from partners' customers. Information such as the cardholder names, card numbers, card expiration dates, and CVV numbers were compromised.

In a statement, NCBS wrote, "On January 4, 2019, North Country learned of suspicious activity occurring within certain client networks. North Country immediately launched an investigation, working with third-party forensic investigators to determine the nature and scope of the event.” The attack affected patrons who used their debit and credit cards between January 3 and January 24, 2019 at restaurants in Arizona, Minnesota, California, Colorado, Iowa, Louisiana, Michigan, Missouri, North Dakota, Ohio, Oregon, South Dakota, Tennessee, Texas, and Wisconsin.

NCBS confirmed it has contained the situation. Additionally, the company has enlisted the help of third-party experts to strengthen its systems and bolster security efforts.

Don't want to make the news for the wrong reasons? Download ManageEngine Log360, the tool that can help combat internal and external security attacks.

Here's how ManageEngine can help.

Log360, our comprehensive security information and event management (SIEM) solution, can help your organization:

  • Identify cross-site scripting (XSS) attacks, malicious file installations, DoS attacks, SQL injection, and more with its real-time correlation capability.
  • Alert security teams in real time about events that require their immediate attention, such as account lockouts, security group membership changes, unauthorized access attempts to files or folders, and network attacks.
  • Detect unauthorized network access attempts with its built-in Structured Threat Information eXpression (STIX/TAXII) feeds processor. Log360 also has a global IP threat database that can instantly detect known malicious traffic passing through the network, as well as outbound connections to malicious domains and callback servers. The global threat database contains more than 600 million blacklisted IP addresses that are collected from trusted open sources and updated daily.
  • Find potential insider threats with the user and entity behavior analytics engine, which creates a baseline of normal activities that are specific to each user and notifies security personnel instantly when there's a deviation from this norm. Rather than using static threshold values, this tool employs a combination of data analytics and machine learning to define dynamic thresholds based on real-world user behavior.
  • Obtain important forensic information about incidents. The collected logs can be securely archived to help prove adherence to compliance standards and reduce potential legal penalties during investigations.
  • Automatically raise incidents as tickets to the designated administrator in ServiceDesk Plus, JIRA, Zendesk, Kayako, or ServiceNow to create an incident resolution process that's swift and accountable.

Download a free trial version of Log360 to evaluate the tool for yourself, and see what this comprehensive tool can do to combat internal and external security attacks.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

2022 Zoho Corporation Pvt. Ltd. All rights reserved.