Cicis Pizza Suffers Ransomware Attack

Cicis Pizza, a well-regarded entity within the hospitality industry, recently fell victim to a ransomware attack orchestrated by the group known as Lv. This incident was disclosed on the group's dark web leak site. Despite this setback, Cicis Pizza's website remains accessible and fully operational.

The hospitality sector, within which Cicis Pizza operates, has experienced a notable uptick in cyber attacks over the past few years. A significant event in the company's history occurred in 2016 when it encountered a credit card data breach affecting over 135 locations. This breach was attributed to malware that had been introduced into the point-of-sale (POS) system by an external attacker.

As a Texas-based restaurant chain, Cicis Pizza boasts more than 500 stores across 35 states. The brand has carved out a niche for itself by offering an all-you-can-eat buffet featuring pizza, pasta, salad, and dessert, all at a singular, affordable price point.

The specific vulnerability exploited in the recent ransomware attack has not been detailed in the information made available. However, it has been noted that the attackers masqueraded as technical support specialists for the company's POS system provider. This tactic implies that the attackers may have leveraged weaknesses within the POS system or the broader security protocols of the company.

Reflecting on this incident, it is clear that Cicis Pizza has once again become a target for cybercriminals, with the recent ransomware attack following a significant credit card data breach in 2016. The method of attack suggests an exploitation of vulnerabilities within the company's POS system or its security measures.

Sources

• Cicis Pizza - Lewisville-Main
• CiCi’s Pizza Gets Hit by Credit Card Breach - Security News - Trend Micro
• Cici's Pizza suffers payment card data breach - IT Governance USA Blog
• Banks: Credit Card Breach at CiCi's Pizza - Krebs on Security