NCR is facing the repercussions of a ransomware attack that has impacted its Aloha POS system, which serves the hospitality industry.
The Aloha POS system is utilized by approximately 140,000 locations globally, including major brands such as Brewdog, Dunkin Donuts, Gaucho, and Nandos.
The BlackCat/ALPHV group has claimed responsibility for the attack in a post on the data leak site eCrime.ch. They indicated that during a period of silence, NCR representatives sought information regarding data that may have been compromised. After determining that NCR data had not been stolen, but that access to customer networks had occurred, they decided to release a statement. They warned that action would be taken regarding NCR customers, adding, “If you become our victim you know who to thank.”
In response to the breach, NCR has informed customers and enlisted external experts to manage the situation and initiate recovery efforts. The company has indicated that in-restaurant purchases and transactions are still operational. However, some affected customers are experiencing limitations in particular Aloha cloud-based services and Counterpoint functionalities, which are hindering their capability to handle administrative operations.
NCR stated, “We believe this incident is limited to specific functionality in Aloha cloud-based services and Counterpoint. Our ongoing investigation also suggests that no customer systems or networks are affected, and none of our ATM, digital banking, payments, or other retail products are processed at this data center.”