In an excellent article written by Jason Brown for the Acadiana Bureau and published in 2The Advocate, he talks about Radiant Systems' Aloha POS system, the breach that occurred at several Louisiana restaurants using the system and the ramifications for some of the restaurant owners. One of the victims, Mel's Diner wound up having to pay $50k+ for the whole ordeal. Suffice it to say, when Mel's Diner received a letter from Visa, informing them they needed to conduct a Visa approved audit, "Kiss My Grits" wasn't an option...
"Keith Bond, owner of Mel’s Diner in Lafayette and Broussard, purchased Radiant’s POS Software in October 2007 for the company’s Broussard location, Mel’s Diner Part II. The easy-to-use, touch-based system costs about $20,000 and was intended to replace the business’ reliance on handwritten guest checks.Continue Reading at The Advocate
The system had been in place for only a few months when Bond received a letter from VISA informing him that his system had been compromised. The letter stated that Bond needed to hire a forensic auditor to examine the extent of the breach.
If he refused, Bond could have been subjected to tens of thousands of dollars in fines and a possible revocation of his ability to use credit cards at the store.
He consented and paid about $19,000 for a VISA-approved audit, which allegedly confirmed the compromise.
The audit also found that the system had an insufficient firewall for added security, no anti-virus software on the point of sale terminals and that the seller, Computer World, had allegedly sold him an older unit packaged as new.
Bond said he was forced to hire technicians to secure and continuously monitor his system. As an added precaution, Bond said he reverted back to using a dial-up modem, which has built-in security. The system was never installed in his Johnston Street location in Lafayette.
After the audit, Bond received additional fines from VISA and notification that he was liable for up to $30,000 in charge-backs for the charges made on the stolen credit cards. In some cases, Bond said portions of his daily credit card transactions, or settlements, were withheld to pay back the fees.
Bond estimated the ordeal cost him about $50,000. Fortunately, he said he had enough in reserves to handle most of the costs.
“If you had hundreds of cards stolen, it could force you out of business,” Bond said.
Nationwide problem
Charles Y. Hoff, general counsel for the Georgia Restaurant Association and one of the attorneys assisting in the Lafayette lawsuit, said he has received a multitude of calls from restaurant owners all over the country regarding similar claims. “It is not isolated and it is something that is a real concern on a national level,” Hoff said...