Sophisticated fraud organization allegedly hits Ted's Cafe
Technorati Tag: Security Breach
Date Reported:
12/16/08
Organization:
Ted's Café Escondido
Contractor/Consultant/Branch:
None
Location:
Edmond, Oklahoma
Victims:
Customers
Number Affected:
Unknown
Types of Data:
"credit and debit card information"
Breach Description:
"EDMOND — A federal investigation into the theft of credit and debit card information from an Edmond restaurant last month is ongoing."
Reference URL:
The Oklahoman
Report Credit:
Diana Baldwin, The Oklahoman with a special thank you to a couple of informed Breach Blog readers.
Response:
From the online source cited above:
EDMOND — A federal investigation into the theft of credit and debit card information from an Edmond restaurant last month is ongoing.
[Evan] There are five Ted's Café Escondido restaurants, all in Oklahoma. The only one of the five mentioned is the one located at 801 E. Danforth Road, in Edmond Oklahoma. Are the other four stores unaffected by the apparent breach? Has anyone been notified that they may be affected?
Scott Funk, assistant special agent in charge at the U.S. Secret Service office in Oklahoma City, said the investigation into the credit card fraud case is extensive and spreads across multiple states.
[Evan] This statement makes things seem much larger than stolen credit/debit card information from a single restaurant used to commit fraud.
"This involves a sophisticated organization,” Funk said.
[Evan] We should define "sophisticated". Credit/debit card fraud and other types of identity theft are much easier crimes to commit than many people realize. Why do you think it is so prevalent? Idiots can and do commit identity theft.
Customers at Ted’s Cafe Escondido, 801 E Danforth Road, became victims in the investigation when they visited the restaurant Nov. 4.
[Evan] Now this adds to my confusion and really leads me to believe that there could be other companies involved (breached). Are we to believe that a "sophisticated", multi-state criminal operation committing credit/debit card fraud only hit a single location on a single day? Is it more plausible that a single restaurant was hit on a single day and the stolen information was sold to others who committed fraud in multiple states? Maybe Ted's is only one of many businesses that were hit. My mind races when communication isn't clear.
Rick Tate, owner of Ted’s restaurants, said he has been working with law enforcement officers in their investigation.
In the meantime, Tate said he has taken steps at all of his restaurants to secure any personal information of his guests using credit and debit cards.
[Evan] Do share. We (meaning the public) don't even know how the compromise took place.
"We take the security of all personal information very seriously,” Tate said. "We have gone to great lengths to protect information pertaining to all of our guests.”
Tate said restaurant guests can feel confident using their credit or debit cards at the Edmond restaurant and at any other of his establishments.
[Evan] Maybe guests can feel confident, but will they?
Victim Testimony:
Janell Lough, a University of Central Oklahoma student, said $250 was missing from her account after a group of 14 friends celebrated her sister’s birthday at the restaurant.
Purchases made with her card were at a Target store in California, she said. "I was thinking I shopped at Target but I’ve never spent that much money,” Lough said. "I called my credit card company and they said they would cancel my card.”
She has been reimbursed the money spent on her card.
"I don’t use my debit card much anymore,” Lough said. "I try to use cash whenever I can.”
[Evan] This is actually not too bad of a tip, in my opinion. Debit card fraud is a little scarier to me in the fact that it impacts a person's finances immediately. At least with credit card fraud, a victim has time (30 days or more) to react before financial impact hits home.
Commentary:
This story has caught my attention, but what does it all really mean? I guess the customers of Ted's who may have used their credit/debit cards during their visit, should be aware that there is a possibility of a looming problem.
Beyond that? We don't know how the breach took place. We don't know how many people are affected. We don't know what actions Ted's took to prevent future occurrences. We don't know much about this "sophisticated organization".
To be fair, this may well be the work of a "sophisticated organization", but based on the publicly available information how can we make a call?
Hmm.
Past Breaches:
Unknown

12/16/08
Organization:
Ted's Café Escondido
Contractor/Consultant/Branch:
None
Location:
Edmond, Oklahoma
Victims:
Customers
Number Affected:
Unknown
Types of Data:
"credit and debit card information"
Breach Description:
"EDMOND — A federal investigation into the theft of credit and debit card information from an Edmond restaurant last month is ongoing."
Reference URL:
The Oklahoman
Report Credit:
Diana Baldwin, The Oklahoman with a special thank you to a couple of informed Breach Blog readers.
Response:
From the online source cited above:
EDMOND — A federal investigation into the theft of credit and debit card information from an Edmond restaurant last month is ongoing.
[Evan] There are five Ted's Café Escondido restaurants, all in Oklahoma. The only one of the five mentioned is the one located at 801 E. Danforth Road, in Edmond Oklahoma. Are the other four stores unaffected by the apparent breach? Has anyone been notified that they may be affected?
Scott Funk, assistant special agent in charge at the U.S. Secret Service office in Oklahoma City, said the investigation into the credit card fraud case is extensive and spreads across multiple states.
[Evan] This statement makes things seem much larger than stolen credit/debit card information from a single restaurant used to commit fraud.
"This involves a sophisticated organization,” Funk said.
[Evan] We should define "sophisticated". Credit/debit card fraud and other types of identity theft are much easier crimes to commit than many people realize. Why do you think it is so prevalent? Idiots can and do commit identity theft.
Customers at Ted’s Cafe Escondido, 801 E Danforth Road, became victims in the investigation when they visited the restaurant Nov. 4.
[Evan] Now this adds to my confusion and really leads me to believe that there could be other companies involved (breached). Are we to believe that a "sophisticated", multi-state criminal operation committing credit/debit card fraud only hit a single location on a single day? Is it more plausible that a single restaurant was hit on a single day and the stolen information was sold to others who committed fraud in multiple states? Maybe Ted's is only one of many businesses that were hit. My mind races when communication isn't clear.
Rick Tate, owner of Ted’s restaurants, said he has been working with law enforcement officers in their investigation.
In the meantime, Tate said he has taken steps at all of his restaurants to secure any personal information of his guests using credit and debit cards.
[Evan] Do share. We (meaning the public) don't even know how the compromise took place.
"We take the security of all personal information very seriously,” Tate said. "We have gone to great lengths to protect information pertaining to all of our guests.”
Tate said restaurant guests can feel confident using their credit or debit cards at the Edmond restaurant and at any other of his establishments.
[Evan] Maybe guests can feel confident, but will they?
Victim Testimony:
Janell Lough, a University of Central Oklahoma student, said $250 was missing from her account after a group of 14 friends celebrated her sister’s birthday at the restaurant.
Purchases made with her card were at a Target store in California, she said. "I was thinking I shopped at Target but I’ve never spent that much money,” Lough said. "I called my credit card company and they said they would cancel my card.”
She has been reimbursed the money spent on her card.
"I don’t use my debit card much anymore,” Lough said. "I try to use cash whenever I can.”
[Evan] This is actually not too bad of a tip, in my opinion. Debit card fraud is a little scarier to me in the fact that it impacts a person's finances immediately. At least with credit card fraud, a victim has time (30 days or more) to react before financial impact hits home.
Commentary:
This story has caught my attention, but what does it all really mean? I guess the customers of Ted's who may have used their credit/debit cards during their visit, should be aware that there is a possibility of a looming problem.
Beyond that? We don't know how the breach took place. We don't know how many people are affected. We don't know what actions Ted's took to prevent future occurrences. We don't know much about this "sophisticated organization".
To be fair, this may well be the work of a "sophisticated organization", but based on the publicly available information how can we make a call?
Hmm.
Past Breaches:
Unknown
Comments