Details emerge on Fuzzy’s Taco Shop credit card breach
No, it wasn’t an employee with a skimmer. There’s an update to the Fuzzy’s Taco Shop breach involving customers’ credit card information. Andrew McMillan reports:
KTXS spoke with Detective Gabriel Thompson with the APD Fraud Division Thursday, and he revealed more details about the two-month-long data breach that started in July and ended Sept. 1.
He said the information was not taken by any employees at the Abilene location, and no physical devices were installed to get the credit card information.
Thompson said online hackers were able to spoof an email from an employee who works with Fuzzy’s Taco Shop’s information technology and computer system. The hackers pretended to be the IT employee and sent an internal email to the manager of the Abilene Fuzzy’s.
The email instructed the manager to download a program on a computer connected to the restaurant’s point of sale systems. That program turned out to be malware that infected the system and obtained credit card information from purchases made at the restaurant, according to Thompson.
Read more on KTXS.