CVSS 9.0 CRITICAL
The severity is critical due to the potential exposure of sensitive customer information, including personal data and financial details. Real-world exploitability is high as evidenced by the extortion emails. There are no known patches or updates yet.

HungerRush's POS system may have been compromised, leading to potential exposure of customer data. The attack vector involves extortion emails sent to restaurant patrons threatening data leaks unless demands are met. Restaurants using HungerRush and their customers are affected.

Affected Systems
  • HungerRush POS system
  • NetSuite
  • QuickBooks
  • Stripe dashboards
  • Bill.com vendor payment systems
  • Visa Online commercial services
  • Salesforce environments
Affected Versions: All versions in use at the time of compromise
Remediation
  • Change all passwords for affected systems, including NetSuite, QuickBooks, Stripe, Bill.com, Visa Online, and Salesforce.
  • Enable multi-factor authentication (MFA) on all accounts if not already enabled.
  • Conduct a full security audit to identify any further breaches or vulnerabilities.
  • Notify customers about the potential data exposure and provide guidance for protecting their information.
Stack Impact

This incident affects multiple services including NetSuite, QuickBooks, Stripe dashboards, Bill.com vendor payment systems, Visa Online commercial services, Salesforce environments, and possibly customer-facing POS systems.
