NEXTEP acknowledged it was investigating a possible breach after numerous card issuers traced fraudulent card activity back to Zoup, a Missouri-based restaurant chain that's one of NEXTEP's clients.
"Zoup's third-party, point-of-sale (cash register) system recently experienced a payment card security incident that affected most of our U.S. locations," Ersher says. "We have been informed that card numbers entered manually or online were not affected. The good news is we found the cause of the issue and eliminated it on March 5."
Tommy Woycik, president of Troy, Mich.-based NEXTEP, tells Information Security Media Group: "NEXTEP was recently notified by law enforcement that the security of the systems at some of our customer locations may have been compromised. NEXTEP immediately launched an investigation in cooperation with law enforcement and data security experts we retained to determine the root cause and remediate the issue."