The restaurant industry has been hit with a rising number of cyberattacks in the last two years, with major fast-food chains as the primary targets. Here’s a summary of the kinds of attacks to strike this industry and what happened afterward.

Data breaches have been a significant issue, with several large restaurant chains experiencing incidents that compromised the sensitive information of both employees and customers. In one notable case, a breach affected 183,000 people, exposing names, Social Security numbers, driver’s license numbers, medical information, credentials, health insurance information and other financial data. Another attack compromised employee data, including names and driver’s license numbers, though it did not affect store operations or customer data.

Ransomware attacks have also become increasingly common, particularly in the food and agriculture sectors. One significant incident resulted in the temporary closure of nearly 300 restaurants in the UK for a day. These ransomware attacks often target industries with discoverable security lapses.

In addition to these, some breaches have involved unauthorized access to employee email accounts. For instance, a security breach accessed two employee email accounts, impacting a small number of people.

The impact of cyberattacks on restaurant chains

The impact of these cyberattacks on restaurant operations has varied. Some have caused temporary corporate operation disruptions and systemwide tech outages affecting digital ordering, while others have led to brief closures of physical locations. The compromised data often includes employee information, such as names, Social Security numbers and driver’s license numbers, as well as financial information. In response, affected companies typically notify those impacted, offer credit monitoring or identity theft protection services, implement incident response plans and engage cybersecurity experts and law enforcement to restore and secure systems.

Legal consequences have also arisen, with some companies facing class-action lawsuits.

One super trend is the rise of digital payments for restaurant transactions — now, some 80% of transactions are digital — which means there’s more digital customer data and other information.

As with attacks in other industries, these expose increased sophistication and frequency, mostly phishing, ransomware and credential harvesting. These attacks often target employee email accounts and Point-of-Sale (POS) systems, exploiting the high turnover and low cybersecurity awareness among restaurant staff.

Costs for restaurant breaches are rising and can also lead to reputational damage, operational disruptions, loss of customer trust and legal penalties.

While attacks on the big-chain restaurant companies get all the press, smaller restaurant organizations are even more vulnerable, as they’re more likely to lack the resources and expertise of the bigger chains and can often use consumer-grade security tools, which are not up to the task of protecting against major threat actors.

Guidelines to stay safe

Restaurants of all sizes should adhere to the following menu of guidelines for protecting against such attacks:

• Employee training
• End-to-end encryption for online transactions
• Robust POS security
• Regular software updates
• Strong, updated network security
• AI-based vulnerability management
• Patch management
• Third-party vendor vetting
• Cyber insurance
• Incident response planning

It’s reasonable to assume that restaurants and food-based enterprises will continue to be targeted for cyberattacks over the next few years, with the costs of breaches continuing to rise. It’s far better to invest in advance so you don’t get burned.