Another day, another cybersecurity breach. Or so it seems as this week two high-profile cyber attacks were revealed – Whole Foods and Sonic Corp. Retail and restaurant pain from these attacks is just the latest in a growing number of reminders that cybersecurity spending will continue to be on the upswing as hackers get more creative and we continue to move deeper into not only our Connected Society but also Cashless Consumption themes.
Whole Foods Market — which was recently acquired by tech giant Amazon (AMZN) — said Thursday that hackers were able to gain access to credit card information for customers who made purchases at some of its in-store taprooms and restaurants. The tap rooms and restaurants use different payment systems than Whole Foods check-out counters, the company said.
“Amazon.com systems do not connect to these systems,” the company clarified in a press release.Amazon did not return a request for comment.”
When Whole Foods Market learned of this, the company launched an investigation, obtained the help of a leading cyber security forensics firm, contacted law enforcement, and is taking appropriate measures to address the issue,” the company said. Whole Foods says it plans to provide updates throughout the investigation.
Hackers targeted “point of sale systems” — or the machines where customers swipe or insert their cards — in order to steal the data, according to the press release.
Sound familiar? The news comes just one day after reports that Sonic (SONC), the drive-in restaurant chain, suffered a strikingly similar problem.KrebsOnSecurity, a notable cybersecurity blog, had identified a potential breach at some Sonic restaurants that was likely executed the same way Whole Foods says it was hacked — remotely via point of sale systems.
If you need more evidence that we are living in an increasingly internet-connected world, look no further than a recent software update aimed at making sure 465,000 people with pacemakers don’t have hearts that are vulnerable to hackers.
The U.S. Food and Drug Administration announced this week that medical device company Abbott has issued a corrective action for implantable cardiac pacemakers made under the St. Jude’s Medical brand. According to the company, there is a “risk of patient harm due to potential exploitation of cybersecurity vulnerabilities.”To address this heart-hacking vulnerability, Abbott is issuing a firmware update to the pacemakers.