Card fraud blamed on cyber attack on 8 local businesses
January 16, 2015
Steamboat Springs — After a cyber attack, Routt County has learned a big lesson when it comes to credit and debit card fraud.
The Steamboat Springs Police Department on Friday released a list of eight businesses that had point-of-sale systems infected with a virus that was stealing customer card information. In the past month, there have been an unprecedented number of people locally who have had their cards compromised, and the information then used at retailers throughout the United States.
Jon Quinn, with Northwest Data Services, said Friday evening that he has been working with the affected businesses.
"We're pretty confident that we've eliminated the immediate risk," Quinn said.
The affected businesses include Rex’s American Grill & Bar, Mazzola’s Majestic Italian Diner, Big House Burgers, Lil’ House and Laundry, which are all owned by Rex Brice.
"I know that at the end of this process, we'll have the most secure system of any restaurant in Steamboat, and we feel violated and disgusted and bummed that this has hurt our customers," Brice said. "I think it will probably hurt our business."
Recommended Stories For You
The other affected restaurants police know about are Three Wire Bar & Grill at Yampa Valley Regional Airport, The Tap House Sports Grill and Old Town Pub.
Three Wire is owned by Routt County. Melissa Baker, who owns Tap House and Old Town Pub, could not be reached for comment Friday night.
Quinn said he has been working with all the businesses that police had identified, and their computer network activity is being watched closely.
"I'd be happy to go to Rex's tonight and swipe my card," Quinn said.
According to police, all the impacted businesses use the same company for their point-of-sale systems, which are used to process credit cards. The virus is affecting some point-of-sale systems from Advanced Restaurant Management Applications, or ARMA, based in Denver.
ARMA President John Denardo said Friday that the affected businesses identified by police are the only affected systems he is aware of in Steamboat. In Colorado, he said there were a couple of other affected systems in Vail.
"We're trying to isolate it, contain it and make recommendations to the customers," Denardo said. "This is an external attack that's probably coming from overseas."
Denardo said he is working closely with the U.S. Secret Service, which investigates cyber crimes. Denardo said the virus affecting the machines appears to be a virus called the "back off" virus, and it has been infecting point-of-sale machines across the country.
"There is a whole bunch of this stuff going on," Denardo said.
Quinn said there has not been a cyber attack of this scale in Steamboat before.
Quinn said someone remotely accessed the point-of-sale computers when no one at the restaurants would be looking at the computers and installed the malicious software. They then had complete remote control of the computers.
Quinn said he was able to see that the computers were connecting to a host in Russia.
"Somebody got the keys to the car and took it for a joyride," he said.
Brice said it was not until Thursday that it was confirmed that his restaurant's point-of-sale systems had been attacked.
"From my end, it's frustrating," Brice said. "From a consumer's end, it's really hard to have confidence in where and when you use your card."
Brice had advice for customers who have visited his restaurants in the past two months and used a credit or debit card, even if they have not been used fraudulently since.
"I would recommend contacting credit card companies and say it might be at risk," Brice said.