It’s confirmed that some locations of the Applebee’s restaurant chain suffered a point-of-sale (POS) breach involving customers’ payment card data.
On 2 March, RMH Franchise Holdings (RMH) issued a notice of data incident on its website.
The statement explains how RMH, a franchisee of Applebee’s which operates more than 150 restaurant locations, discovered that something was amiss on 13 February.
On February 21, 2018, the Securities and Exchange Commission (SEC) issued an interpretive Commission Statement and Guidance on Public Company Cybersecurity Disclosures (the “Guidance”) to assist public companies in meeting their cybersecurity disclosure requirements under the federal securities laws. The Guidance notes that, as reliance on networked systems and the Internet have increased, so too have the risks and frequency of cybersecurity incidents, and companies have no choice but to incur the considerable costs of addressing information security risks, particularly in the wake of a cybersecurity incident. Examples of such costs include IT costs, employee training, remediation expenses, litigation, agency investigations and enforcement actions, reputational harm and damage to long-term shareholder value.