Friday, October 30th, 2020

Happy Halloween Eve, everyone! Once again, we’re back on another Friday with a new installment of the cyber attack of the week series.

This week, CPG is taking a look at a recent cyber attack on a popular restaurant chain in the UK, Nando’s.

The attackers used a credential-based technique to take over customer accounts and place fraudulent orders. Let's get into the attack.


Background on Nando's

To begin, Nando's is a South African restaurant chain that prepares a variety of chicken dishes. Its best-known dish, and a major fan favorite, is flame-grilled peri-peri chicken.

The chain operates across the world, with over 1,000 restaurants in 35 countries, including the US.

As a convenience, customers can create accounts for ordering online. Many use this feature, especially during the pandemic, to make ordering takeout safe and easy.

But, as great as the convenience is, this is where the attack begins. 


The Attack

The attack showed up first inside customer accounts: customers began reporting fraudulent orders placed on their accounts. The amounts charged to hijacked accounts ranged from around £50 up to, in one reported case, a £670 order.

To elaborate, the hijackers did not need to break into Nando's at all. They used credential stuffing: logging in with email and password pairs already leaked from breaches elsewhere, which works against every customer who reused the same pair at Nando's.

Nando’s released a statement regarding the attack. The company claimed that while their systems did not fall victim during the attack, personal customer accounts did. 


“While our systems have not been hacked, unfortunately some individual Nando customer accounts have been accessed by a party or parties using a technique called ‘credential-stuffing,’ whereby the customer’s email address and password have been stolen from somewhere else and, if they use the same details with us, used to access their Nando’s accounts.”
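The statement above describes the signature of credential stuffing from the defender's side: lots of different accounts, roughly one login attempt each, from the same source, with a small fraction of attempts succeeding. Per-account lockout rules never fire, because no single account sees many failures. The detector below, added here as an illustration and not code or logs from Nando's, aggregates login events by source IP and separates that pattern from a classic brute-force run against one account. The log format, sample lines and thresholds are all constructed for the example.

```python
"""Flag credential-stuffing patterns in web login logs.

Added illustration for this post (not Nando's code or logs). The log
format, the sample lines and the thresholds below are constructed; tune
the thresholds against your own traffic before relying on them.
"""
import re
from collections import defaultdict

# Constructed sample lines: timestamp, source IP, account, result.
# 203.0.113.7  -> many accounts, one try each, a couple of hits (stuffing)
# 198.51.100.9 -> one account hammered with no success (brute force)
# 192.0.2.44   -> a user mistyping once, then succeeding (normal)
SAMPLE_LOG = """\
2020-10-20T18:01:02Z 203.0.113.7 alice@example.com FAIL
2020-10-20T18:01:03Z 203.0.113.7 bob@example.com FAIL
2020-10-20T18:01:03Z 203.0.113.7 carol@example.com OK
2020-10-20T18:01:04Z 203.0.113.7 dave@example.com FAIL
2020-10-20T18:01:04Z 203.0.113.7 erin@example.com FAIL
2020-10-20T18:01:05Z 203.0.113.7 frank@example.com OK
2020-10-20T18:01:05Z 203.0.113.7 grace@example.com FAIL
2020-10-20T18:01:06Z 203.0.113.7 heidi@example.com FAIL
2020-10-20T18:02:00Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:02:01Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:02:02Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:02:03Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:02:04Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:02:05Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:02:06Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:02:07Z 198.51.100.9 victor@example.com FAIL
2020-10-20T18:03:00Z 192.0.2.44 alice@example.com FAIL
2020-10-20T18:03:09Z 192.0.2.44 alice@example.com OK
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (OK|FAIL)$")


def parse(log):
    """Yield (timestamp, ip, account, result) for each well-formed line."""
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groups()


def classify_sources(log, min_attempts=6, min_distinct_ratio=0.8,
                     max_success_rate=0.5):
    """Return {ip: 'stuffing' | 'brute_force' | 'normal'}.

    Stuffing: nearly every attempt from the IP targets a different account
    (distinct accounts / attempts >= min_distinct_ratio) and only a minority
    succeed. Brute force: one account, many attempts, no success. Anything
    below min_attempts is left alone so ordinary typos are not flagged.
    """
    attempts = defaultdict(list)
    for _ts, ip, account, result in parse(log):
        attempts[ip].append((account, result == "OK"))

    labels = {}
    for ip, rows in attempts.items():
        n = len(rows)
        if n < min_attempts:
            labels[ip] = "normal"
            continue
        distinct = len({account for account, _ in rows})
        successes = sum(1 for _, ok in rows if ok)
        if distinct / n >= min_distinct_ratio and successes / n <= max_success_rate:
            labels[ip] = "stuffing"
        elif distinct == 1 and successes == 0:
            labels[ip] = "brute_force"
        else:
            labels[ip] = "normal"
    return labels


def stuffed_accounts(log):
    """Accounts that were successfully logged into from a stuffing source.

    These are the users to force a password reset for and whose recent
    orders should be reviewed for fraud.
    """
    labels = classify_sources(log)
    hits = {account for _ts, ip, account, result in parse(log)
            if labels.get(ip) == "stuffing" and result == "OK"}
    return sorted(hits)


if __name__ == "__main__":
    for ip, label in classify_sources(SAMPLE_LOG).items():
        print(f"{ip:15} {label}")
    print("compromised:", stuffed_accounts(SAMPLE_LOG))
```

Two caveats for anyone adapting this. Real stuffing campaigns rotate through proxy pools, so a single IP rarely carries the whole run; the same ratio logic should also be applied per ASN, per device fingerprint, and to the site-wide failure rate over a window. And the two accounts the detector flags as compromised are exactly the ones a per-account lockout would never have noticed, since each saw a single successful login.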


Recovery for Nando’s

Overall, the restaurant did express concern about the attack and offered to reimburse customers whose accounts were affected.

Customers whose accounts were affected are advised to change their credentials. That means updating the Nando's password, and also changing the password on every other account that used the same password together with the email address tied to the Nando's account.

Doing so stops the hijackers from stuffing the same leaked pair into another of the victim's accounts.

As a general rule, never reuse a password across accounts. As noted above, unique passwords keep the compromise of one account from rippling out to all the others. A password manager makes that practical, and turning on multi-factor authentication wherever a service offers it means a leaked password on its own is no longer enough to get in.
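The advice above falls on customers, but a site can help enforce it: at sign-up and password reset, reject any password that already appears in public breach dumps, since those are precisely the credentials a stuffing run will try. The block below is an added illustration, not Nando's code, of the k-anonymity scheme that breached-password services such as Pwned Passwords use, where the client sends only the first five hex characters of the SHA-1 hash and compares the returned suffixes locally, so the password never leaves the client. The corpus here is a constructed handful of entries standing in for a real one.

```python
"""Breached-password check with a k-anonymity prefix lookup.

Added illustration for this post (not Nando's code). The "breach corpus"
is constructed from a few passwords that appear in every real dump; a
real deployment queries a corpus of hundreds of millions of hashes.
"""
import hashlib

PREFIX_LEN = 5  # hex chars sent to the lookup service; the rest stays local


def sha1_hex(password):
    """Upper-case SHA-1 hex digest, the format breached-password lists use."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


# Constructed corpus of hashes, keyed by prefix so lookups are cheap.
# Real corpora are built from leaked dumps, not from a literal list.
_CORPUS = {}
for _pw in ["password", "123456", "qwerty", "letmein", "peri-peri1"]:
    _digest = sha1_hex(_pw)
    _CORPUS.setdefault(_digest[:PREFIX_LEN], set()).add(_digest[PREFIX_LEN:])


def range_lookup(prefix):
    """Server side: every hash suffix in the corpus sharing this prefix.

    The server learns only the 5-char prefix, which matches many unrelated
    passwords, so it cannot tell which one the client is checking.
    """
    if len(prefix) != PREFIX_LEN:
        raise ValueError("prefix must be exactly %d hex chars" % PREFIX_LEN)
    return sorted(_CORPUS.get(prefix.upper(), set()))


def is_breached(password):
    """Client side: hash locally, send the prefix, compare suffixes locally."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:PREFIX_LEN], digest[PREFIX_LEN:]
    return suffix in range_lookup(prefix)


def validate_new_password(password, min_length=12):
    """Policy hook for sign-up or reset: return a list of reasons to reject.

    Screening against breach corpora is the check that directly blunts
    credential stuffing; the length rule is an ordinary companion check.
    """
    reasons = []
    if len(password) < min_length:
        reasons.append("shorter than %d characters" % min_length)
    if is_breached(password):
        reasons.append("appears in known breach data")
    return reasons


if __name__ == "__main__":
    for candidate in ["password", "peri-peri1", "correct horse battery staple"]:
        print(candidate, "->", validate_new_password(candidate) or "accepted")
```

The prefix trick is what makes this safe to run against a third-party service: the lookup response is a bucket of suffixes, and only the client, which already holds the full hash, can tell whether its own suffix is in the bucket. Rejecting breached passwords at the door does not stop a stuffing attempt from being made, but it does stop the reused credential from working once it is tried.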

Hopefully, the Nando’s customers update their passwords, and you, the readers, do as well.


By Taylor Ritchey