[ad_1]
Restaurants can also digitally record customer data they need to collect to track contacts. One of the selected cloud providers had security gaps that a group of hackers discovered, such as “20 minutes“Reported.
A piece of paper for guest registration in a restaurant.
Photo: Carsten Rehder (Keystone)
The affected one is Gastronovi’s software, which among other things offers cash register systems for restaurants. According to the company, the cloud system processes 600,000 reservations every month and processes EUR 96 million in restaurant sales. Restaurants and hotels are also customers in Switzerland.
Even the hackers were amazed
Members of the Chaos Computer Club (CCC, see below) in Germany have now discovered several vulnerabilities in the Gastronovi cloud system. As the CCC writes in a message, data from 5.4 million reservations and more than 87,000 corona contact surveys from 180 restaurants could be harnessed. Hackers were surprised to find that some of the booking data was more than ten years old.
As stated in Friday’s announcement, hackers were able to gain full administrative access to all data stored in the system in a short time by incorrectly checking access rights. Hackers were also able to see improperly protected passwords.
«Rapid tissue solutions» after blocking
Some of the gaps were so glaring that any user could have discovered it, said Sophie Bertsch of the CCC, who verified the Gastronovi systems, when ARD. “When the restaurant business reopened, solutions that were not state-of-the-art were quickly introduced.”
According to Tagesschau.de, Gastronovi confirmed on request that the systems were vulnerable. These were “security weak spots” that have now been closed. Gastronovi also stated that “There was no unauthorized access” to the data.
The cloud provider belongs to the Coop subgroup
Also in Switzerland, catering companies use Gastronovi solutions for administration. The company is part of Transgourmet Holding, which belongs to the Coop cooperative, writes the Swiss branch of CCC on Twitter.
Coop media spokesman Patrick Häfliger told “20 minutes” that Gastronovi’s offer was safe. “IT specialists reviewed the systems and the security gaps were closed.” Häfliger did not say how many Swiss companies are using Gastronovi’s offerings and keeping customer data in the cloud in the wake of the Corona crisis.
The Chaos Computer Club
The Chaos Computer Club, founded in 1981, deals with the security and data protection aspects of technology in German-speaking countries. The non-profit association has around 5,000 members. Members repeatedly analyze the offerings and systems of various companies and organizations on their own initiative. The focus is on warning users about potential security breaches in systems. Every year the organization also organizes the Chaos Communication Congress, in which international guests also participate.
