Catch Hospitality Group has disclosed that point-of-sale systems (POS) at NYC hotspots Catch NYC, Catch Rooftop, and Catch Steak were infected with malware that allowed attackers to steal credit card information from customers. According to Catches ‘payment card incident’ notice, the POS malware was active at Catch NYC and Catch Rooftop between March 19, 2019 and October 17, 2019. For Catch Steak, which opened for business on September 18th, the malware was active between September 17, 2019 and October 17, 2019.
Source: Bleeping Computer