Car Wash Companies Cyber-Attack - Possible Credit Card Details Stolen

A local car wash company in the U.S. has put their customers’ financial details in jeopardy following a string of reports from car wash companies across the U.S.

Yankee Car Wash & Detailing says it was told on 27^th March 2017 that their point of sale system was hacked, and has most probably compromised customers’ credit card information if they used the service between 8^th February and 3^rd March.

The point of sale system is operated by a third party platform provider, DRB Systems LLC. On the DRB Systems website, they boast about providing “technology and marketing support to enhance the consumer’s experience and the operational efficiency of car wash”, but it seemingly fails to highlight the importance of data security; arguably one of the most important aspects of a pay system.

The Washington Township company said that it was hit by malware that could have compromised card payment data, card holders’ names, card numbers and security codes.

The company released a statement in an attempt to reassure customers that their personal data was dealt with accordingly:

“Yankee Car Wash & Detailing has worked with DRB Systems LLC, in the process of defending its systems and removing the malware and have been assured that DRB are actively monitoring their platform to safeguard any and all personal information.”

However, I argue that monitoring is simply not enough. Companies should be putting into place master plans to enhance their cyber-security in the event of a future breach; which is quite possible now that hackers are aware of their vulnerabilities. I also believe that prevention strategies should be imposed and reviewed periodically. If the cyber-attackers can access the company’s data once, what will prevent them from doing it again?

Complimentary monitoring

The company are offering one year of complementary credit monitoring through Kroll to customers. According to the company, an estimated 1,000 customers were hit by the breach but up to 2,000 customers have been offered free credit monitoring.

Up to 40 other companies affected by the cyber-attack

Other companies across the U.S. including Mount Pleasant and South Carolina’s Wash Wizard said that its point of sale system was also attacked. Waterworks Car Wash in Denver were also alerted to the point of intrusion on 27^th March. Waterworks owner, Jon Oppenheimer, estimated that up to 4,000 customers’ personal data was accessed. Jon noted that this kind of cyber-attack could well be nationwide.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.

Create A Call Back

Information on how we handle your data is available in our Privacy Policy.

The content of this post/page was considered accurate at the time of the original posting and/or at the time of any posted revision. The content of this page may, therefore, be out of date. The information contained within this page does not constitute legal advice. Any reliance you place on the information contained within this page is done so at your own risk.