You’ve probably placed an order for food online in the past six months; many of us do this regularly. We’ve all noticed that restaurants around the world are being pushed into a delivery or pickup-only business model in order to survive during the pandemic, primarily with consumers placing orders online and making digital payments. While this pivot has helped businesses survive tough times, criminals are now taking full advantage of the surge in e-commerce: March 2020 saw a 600% increase in email phishing scams. Restaurant owners are now well aware that they have a duty to protect customers with trusted cybersecurity. But to complicate matters further, 74% of customers want free Wi-Fi to be part of their dining experience, opening the door to even more customer vulnerability. Jacey Kaps is a lawyer at RumbergerKirk, and he joined me to discuss the legal ramifications for restaurants and how they protect against cybersecurity risks and data breaches.
Restaurant giants like McDonald’s are not immune to worrying cybersecurity risks. This year alone, McDonald’s said attackers stole emails, phone numbers and addresses from delivery customers in South Korea and Taiwan. According to SecurityMagazine.com, in Taiwan, hackers also stole employee information, including names and contact details. Even with the biggest of business at risk, Hilary Kennedy asked lawyer Pooja S. Nair to share what restaurants should do to prepare for the worst cybersecurity risks.
“The restaurant industry is particularly vulnerable to mobile security incidents due to physical tampering and point-of-service hacking such as clerk skips, point-of-sale exchanges and malware attacks that can lead to incidents. security systems that expose sensitive customer information. The problem is, it is expensive to set up security, but disclosure of a data breach is required by law and it will be noticed by customers. – Jacey kaps
“What responsibility do restaurants have to protect themselves against cybersecurity attacks and data breaches? Well, this has been an extremely hot topic, especially with some recent and high-profile cases of restaurant and hotel chains being attacked over cybersecurity data breaches. For example, Dickey’s Barbecue recently settled a case in August 2021 in which it involved a data breach that exposed consumer credit card information. And the allegations in the lawsuit were that they did not securely keep customer data and that this violated California’s consumer protection law, the CFPA. As more and more restaurants offer services like Wi-Fi, it is important that they are aware of the consequences of a potential violation, what they can do to develop their infrastructure and the resources on which they can. tap to limit their liability. So in some cases it could be a form of cyber insurance to protect against the consequences of a data breach or hack. In many cases, it is important to analyze how exactly customer data is collected and stored and to ensure that the servers that are used to store that data are secure and that you have a plan, a plan for business continuity in the event of a consumer data breach. . Being able to quickly notify consumers in the event of a sensitive data breach and ensure that customers using your Wi-Fi systems sign something on the login page that indicates they know it is. ” a public Wi-Fi access point. – Pooja nair