Which Fast Food Chain is Next in Line to Get Hacked?

By UpGuard on February 15, 2017

Filed under: CSTAR, cyber risk

Arby's announced last week that its recently disclosed data breach may impact 355,000 credit card holders that dined at its restaurants between October 2016 and January 2017. Are fast food vendors resilient enough to sustain future cyber attacks and—more importantly—protect consumers against online threats?

Like recent data breaches involving Wendy's and Subway, the Arby's cyber attackers employed point-of-sale (POS) malware to carry out the compromise. Hundreds of thousands of credit/debit cards may have been stolen from the company's cash registers and POS systems. Malware is one thing, but how does Arby's perform in terms of cyber resilience and website perimeter security? In a word, poorly.  

CSTAR - Arby's

Security flaws such as lack of sitewide SSL, missing HTTP strict transport security, disabled HttpOnly Cookies/secure cookies, and lack of DMARC/DNSSEC could leave its website at the mercy of cyber attackers.

Want to find out how other fast food vendors measure up in terms of cyber resilience? Check out our recent CSTAR coverage of the industry's leading fast food brands.

Get a Guided UpGuard Demo

More Articles

How CSTAR Works

All the information needed to perform a CSTAR assessment is bundled into the UpGuard platform. Learn more about CSTAR.
Read Article >

What's In the Website Risk Grader?

The UpGuard Website Risk Grader provides a low friction way to get an initial assessment of a business' risk profile.
Read Article >

Understanding Risk in the 21st Century

And as we enter 2016, the risk of data breaches in particular threatens to hamper business innovation.
Read Article >

The World's First Cyber Resilience Platform

Whether your infrastructure is traditional, virtualized, or totally in the cloud, UpGuard provides the crucial visibility and validation necessary to ensure that IT environments are secured and optimized for consistent, quality software and services delivery.

See how it works at UpGuard.com