Heimdal
article featured image

Contents:

SevenRooms restaurant platform confirmed that it was affected by a data breach after hackers posted stolen data for sale on the darknet.

The restaurant customer relationship management (CRM) platform is used by multinational restaurant chains and hospitality service companies, like MGM Resorts, Bloomin’ Brands, Mandarin Oriental, Wolfgang Puck, and many more.

Details about the Breach

On December 15, 2022, a post appeared on the Breached hacking forum about stolen data in an incident that affected SevenRooms. The hackers claimed they have a 427 GB backup database containing thousands of files with information about the platform’s customers.

SevenRooms Restaurant Platform Suffered a Data Breach

Source

CRM platform confirmed that it was indeed their data and explained that the data leakage was caused by unauthorized access to the systems of one of its vendors.

SevenRooms recently learned that a file transfer interface of a third-party vendor was accessed without authorization.

Source

However, the platform assures that its systems have not been affected by the data breach, and are still protected from unauthorized access.

“We immediately disabled access to the interface, launched an internal investigation, and we currently have no evidence that any of SevenRooms’ proprietary databases were affected,” said the company.

What Data Was Leaked?

Seller posted online samples in which it can be seen folders named after famous restaurants, clients of SevenRooms, as well as API keys, discount codes, payment records, reservation lists, and more.

This may have affected certain documents transferred to or by SevenRooms, including the exchange of API credentials (now expired), and some guest data, which may include names, email addresses and phone numbers.

Source

But, as the company explained, highly sensitive information like credit card information, bank account data, or social security numbers, were not compromised.

SevenRooms hired an independent cybersecurity company to investigate the attack. Until further information, it is unclear exactly what restaurants and customers were affected by this breach.

If you liked this article, follow us on LinkedInTwitterFacebookYouTube, and Instagram for more cybersecurity news and topics.

Author Profile

Andreea Chebac

Digital Content Creator

Andreea is a digital content creator within Heimdal® with a great belief in the educational power of content. A literature-born cybersecurity enthusiast (through all those SF novels…), she loves to bring her ONG, cultural, and media background to this job.

Leave a Reply

Your email address will not be published. Required fields are marked *

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE