Theodore Decker reports:
Diners who frequent a popular Downtown restaurant should review their charge-card statements because hackers broke into its computer system to loot debit- and credit-card numbers, police said today.
Between 30 and 50 people have reported fraudulent charges on their accounts, and Columbus detectives said that anyone who used a charge card at Tip Top Kitchen and Cocktails in July or August is at risk.
Detective Wyatt Wilson of the Columbus police fraud/forgery unit said police began linking reports of credit-card fraud in October. Cross-checking the victims’ accounts revealed Tip Top, which is on E. Gay Street, as a common denominator, he said.
Read more in the Columbus Dispatch.
In case you’re wondering, no, Tip Top was not using the Aloha POS system. The restaurant informs DataBreaches.net that they were using 2Touch POS. According to a restaurant spokesperson, 2Touch used VNC software “so 2Touch can do maintenance, install updates etc from their offices.”
An “unknown IP address” was found on the VNC logs as well as malware. VNC has been disabled and the malware removed. Hard drives have even been replaced for good measure. So far the CPD has traced the IP address to somewhere in Europe.”