Folks who visited a Dave & Buster's in '07 might want to take note: Yesterday, the U.S. Department of Justice revealed that during a five-month period last year, hackers got into the Dallas-based fun-and-games chain's database and swiped customers' credit card numbers, expiration dates and security codes while they were being transmitted from various locations to the company's Manana Drive HQ. Noted Wired's Threat Level blog late yesterday, the three men involved come from as far away as the Ukraine and Estonia; they were indicted in the Eastern District of New York on charges of "using 'college-level knowledge of computer programming skills' to steal and sell credit card numbers" from folks who, damn it, just wanted to play Big One Crane after gorging themselves on Aquarita Margaritas and Over the Wedge Cheese Fries.
Update: Dave & Buster's has released an official statement concerning the hacking -- and, yes, two Dallas locations were indeed "compromised."
The government said the Dave & Buster's hackers illegally accessed 11 of the national chain's servers and installed packet sniffers at each location. The sniffers vacuumed up "Track 2" data from the credit card magstripes as it traveled from the restaurant's servers to Dave & Buster's headquarters in Dallas, according to the indictment. At some point, the restaurant detected the intrusions and alerted authorities.
If you like this story, consider signing up for our email newsletters.
SHOW ME HOW
You have successfully signed up for your selected newsletter(s) - please keep an eye on your mailbox, we're movin' in!
Though, if it makes you feel any better, the one thing not contained in the Track 2 data is the cardholder's name. --Robert Wilonsky