Restaurant CRM platform SevenRooms confirms data breach


SevenRooms, a customer management platform (CRM) provider for restaurants, has confirmed that a cybercriminal managed to obtain sensitive data on its customers from its endpoints.

In a statement issued to BleepingComputer, a company spokesperson said it "recently learned that a file transfer interface of a third-party vendor was accessed without authorization."

"This may have affected certain documents transferred to or by SevenRooms, including the exchange of API credentials (now expired), and some guest data, which may include names, email addresses and phone numbers."

Investigation underway

The company also said that its systems were not directly breached in the incident: "We immediately disabled access to the interface, launched an internal investigation, and we currently have no evidence that any of SevenRooms' proprietary databases were affected," the spokesperson clarified.

"We have retained independent cybersecurity experts to assist with this investigation and will provide additional updates as appropriate." The company did not say which firm was hired to lead the forensic analysis.

Still, whoever managed to access the database later advertised it on the Breached hacking forum, posting a thread saying they have a 427GB backup database holding thousands of files with info on SevenRooms’ customers.

According to BleepingComputer, the company’s customers include MGM Resorts, Bloomin’ Brands, Mandarin Oriental, Wolfgang Puck, and others. The customer list is relatively extensive, and since SevenRooms did not say which firms were affected, we can only wait until individual restaurants come out with more details.

The attackers released a sample that held API keys, promo codes, payment reports, and reservation lists, among other things. Payment data, such as credit card information, bank account data, social security numbers, or similar, has not been compromised, it was added, as the company doesn’t store it on the affected servers.

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.