Mexican fast food chain Chipotle announced Tuesday that its customer payment system had been breached. In a statement on the company's website, Chipotle said it detected "unauthorized activity" on the system. Officials are focusing on credit card transactions that occurred from March 24, 2017, to April 18, 2017.
The restaurant added that the breach has been stopped and additional security measures have been added, though the investigation is ongoing. Chipotle encouraged customers to monitor their card activity.
A new variant of the Ransomware XPan is targeting small to medium-sized businesses primarily located in Brazil. Harvesting victims via weakly protected RDP (remote desktop protocol) connections, criminals are manually installing the ransomware and encrypting any files which can be found on the system.
Interestingly, this XPan variant is not necessarily new in the malware ecosystem. However, someone has chosen to keep on infecting victims with it, encouraging security researchers to hunt for samples related to the increasing number of incident reports.
*IP addresses provided by Recorded Future.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.