Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum.
SevenRooms is a restaurant customer relationship management (CRM) platform used by international restaurant chains and hospitality service providers, such as MGM Resorts, Bloomin’ Brands, Mandarin Oriental, Wolfgang Puck, and many more.
On December 15, a threat actor posted data samples on the Breached hacking forum, claiming to have stolen a 427 GB backup database with thousands of files containing information about SevenRooms customers.
The company clarified that guests’ credit card information, bank account data, social security numbers, or any other similarly highly sensitive information was not stored on compromised servers, so it was not exposed in the attack.
Furthermore, SevenRooms claims that there has been no direct breach of its systems, which remain secure against unauthorized external access.