Northwest favorite’s fast food spot, Burgerville, has become the latest company to suffer a significant data breach.  The company disclosed on their website that any customers who used a credit or debit card from September 2017 to September 2018 at any of its locations might have had their card details stolen. The company operates 42 locations in the region throughout Oregon and Southwest Washington. With over 1,500 employees, Burgerville focuses on seasonal, local food from nearly a thousand Northwest family farms.

In August, the FBI contacted Burgerville to notify the company that it had been targeted in a cyber attack. The company was under the impression the attack had not been intrusive until recently, when malware was detected on its systems. Coordinating with the FBI and an external cybersecurity firm, they neutralized and contained the malware.

“As soon as Burgerville learned the intrusion was still active, the company immediately began steps to completely eradicate this breach, necessitating that all Burgerville systems be taken offline and upgraded simultaneously without any warning to the criminals,” the company said in a press release.

Potentially impacted customers should:

  • Review their card statements for any unauthorized charges. If there is something suspicious, they should contact their credit or debit card company immediately to report the activity.
  • Obtain a copy of their credit report and look for unauthorized activity there, too. People can get a free copy of their credit report once every 12 months from each of the three top credit reporting agencies. To obtain an annual free credit report, please visit or call 1-877-322-8228.
  • They may also want to consider freezing their credit. As of September 21, 2018, freezing credit is a free service provided by the three major credit bureaus. Customers can go to each of the credit bureau websites listed below and locate the security freeze information.
  • Burgerville has set up a call center for concerned customers with further questions. Call 1-855-336-6688 (toll-free, US only) anytime between the hours of 6:00am-6: 00 pm (PST) Monday through Saturday.

While the company has yet to disclose many technical details, it attributed the attack to Fin7, a “prolific” international cybercrime group that involved in “a highly sophisticated malware campaign targeting more than 100 U.S. companies, predominantly in the restaurant and hospitality industries.” Believed to be a billion-dollar operation, Fin7 operates under the guise of a front company while selling stolen data in online marketplaces.

The attack on Burgerville was likely accomplished by malware that infected its point-of-sale systems — a frequent target in the recent surge of restaurant cyberattacks. The company confirms that names, credit card numbers, expiration dates, and CVV numbers were captured by the attack.

According to the Department of Justice report, Fin7 began many of its attacks with spear phishing campaigns that delivered attachments laced with an “adapted version” of the malware known as Carbanak. The Department of Justice noted that Fin7 was behind hacks of Chipotle, Chili’s and other food chains, including local businesses in the Northwest.

If you have questions about this or other cybersecurity threats, contact Upward to learn more about how to protect your data.