Saturday, July 20

NCR Datacenter Hit by Ransomware Attack, Payment Services Disrupted

NCR, a major provider of payment services, is currently dealing with a ransomware attack that has affected its systems. The attack has caused an outage in one of its data centers and impacted the functionality of its Aloha point-of-sale system used by restaurants and Counterpoint management system used by retailers.

While the investigation into the attack is ongoing, NCR has stated that none of its ATMs, digital banking, payments, or other retail products have been affected.

The company has notified its customers of the incident, engaged external experts for support, and is working to restore impacted data and applications while enhancing its cybersecurity protocol. Some customers may have reduced capabilities on affected cloud-based Aloha and Counterpoint functionality, but in-restaurant purchases and transactions continue to operate.

The company’s incident report shows an ongoing investigation into the cyberattack. It appears that none of the ATMs, digital banking, payments, or other retail products are processed at the affected data center.

NCR has taken several steps to address the ransomware attack on its systems. The company has immediately notified its customers of the incident and has enhanced its cybersecurity protocol to prevent similar attacks in the future.

NCR has also engaged external experts to obtain their opinions on the matter of security to contain the incident and support the recovery process. In addition, the company has enlisted the help of internal experts, external forensic cybersecurity experts, and federal law enforcement to investigate the attack and determine its origin.

The ransomware attack on NCR’s systems has resulted in reduced capabilities for some customers using the affected cloud-based Aloha and Counterpoint functionality. This has impacted their ability to manage restaurant administrative functions. However, in-restaurant purchases and transactions are still operating as usual.

NCR is working to establish alternative functionality for affected customers, fully restore impacted data and applications, and enhance its cybersecurity protections to prevent similar incidents in the future.