Virus targets the food chain’s cash registers in hundreds of stores forcing them offline.
Hundreds of Tim Hortons restaurants in Canada were forced to close last month after malware rendered POS systems unusable.
The cyber-attack specifically targeted point-of-sales (POS) systems, which were forced offline, leaving some stores with no option but to close.
According to reports the malware infected terminals in mid-February and spread to hundreds of locations across North America.
Franchise owners are now reportedly taking legal action for loss of revenue as a result of the incident.
The Great White North Franchisee Association (GWNFA), which represents the franchise owners, is threatening to sue Restaurants Brands International (RBI), which operates Tim Hortons.
It is not yet clear what type of malware was used or whether any customers’ information was breached.
But RBI reportedly told local news that no credit card information had been stolen.
In 2017, retail store Forever 21 disclosed a POS hack which saw thieves steal customers’ card payment details in a seven-month campaign.
While Forever 21 said its payment processing systems have been using encryption since 2015, the investigation determined that the encryption technology on some POS devices was not always on, and that malware was installed “on some devices in some US stores at varying times” between April 3 and November 18.
In most instances, the malware only found track data that did not have cardholder name – only card number, expiration date, and internal verification code – but occasionally the cardholder name was found.
Although in some stores this scenario occurred for only a few days or weeks, it was found that some stores were impacted by the malware for most, or all, of the timeframe.