A POS vendor is being sued
Posted by: Curtis Stevens on December 1st, 2009

Radiant Systems has found themselves in a lawsuit filed by a group of 7 restaurants in the Louisiana area.  Their claim was the POS system they sold was not PCI compliant and therefore was hacked by someone overseas.   The suit states that the POS system stored all the credit card data which is in violation of PCI standards.   The POS system named is called Aloha. Aloha was originally owned by a POS company, but was purchased by Radiant Systems, which also  does credit card processing. Computer World was also mentioned in the suit. They allegedly installed a program that allows their techs to remotely access the systems, but did not secure the program. They used the default ID & password, which created a big vulnerability. The hackers then gained accessed through the software program and installed malware that grabbed the stored credit card data. One of the plaintiffs stated that he was forced to hire a forensic team to investigate the breach, which cost him thousands. He was then fined by Visa & MasterCard for the breach. In total, the breach cost him $50K. I see why they created the lawsuit, as both companies involved should have taken measures to prevent this. Computer World should not have done what they did and Aloha should never store the credit card data. It generally is not a good idea to store that kind of sensitive information.

Comments are closed.

Merchant Accounts | Credit Card Logos | Ecommerce Blog
Merchant Account Articles | Resources | Link-to-Us | Privacy Policy