NCR ransomware attack is ‘crippling’ for some NH restaurants


The outage has meant “crippling outages” for restaurants, Tom Boucher, CEO and owner of Great New Hampshire Restaurants, said in an email to customers.

MANCHESTER, NH – Restaurants in New Hampshire, and across the country, have not been able to process loyalty products, gift cards or, in some cases, online orders, for more than a week because of a ransomware attack on NCR/Aloha, a point-of-sale provider.

While NCR hasn’t said how many customers are affected, Restaurant Business magazine reported that as of last summer, more than 100,000 restaurants used NCR products.

Atlanta-based NCR said in a news release last Sunday that the outages are “limited to specific Aloha cloud-based and Counterpoint functionality that has impacted their ability to manage restaurant administrative functions.” The functions include payroll, loyalty and gift card programs, online ordering and some other functions.

NCR said that the hack was to one data center. “At this time, our ongoing investigation indicates that no customer systems or networks are involved. None of our ATM, digital banking, payments, or other retail products are processed at this data center,” the release said.

The company said it was working to establish “alternative functionality for customers,” as well as restore affected data and applications, and to enhance cyber security protections.

The outage has meant “crippling outages” for restaurants, Tom Boucher, CEO and owner of Great New Hampshire Restaurants, said in an email to customers. The company is the marketing and management company for T-Bones, CJ’s, Cactus Jack’s, Copper Door Restaurant and T-Bones Meats, Sweets & Catering.

The company’s loyalty systems Payback$ and Copper Club, as well as gift card systems, have been affected by the outage, Boucher said in the email. But he added that the inability to offer rewards points and process gift cards is not a reflection on the company’s health. Great New Hampshire Restaurants is offering IOUs on loyalty points to customers until the problem is fixed.

NCR said when it learned about the attack, the company “immediately started contacting customers, enacted its cybersecurity protocol and engaged outside experts to contain the incident and begin the recovery process. The investigation into the incident includes NCR experts, external forensic cybersecurity experts and federal law enforcement.”

Boucher

Boucher said, “In the beginning, no one knew what was happening, and so we were under the impression that within hours, maybe a day, we would be back up and running.” He said it wasn’t until the April 17 news release from NCR that the extent of the issue was known. He said that NCR has given them a “hopeful” completion date of April 25.

“As difficult as this has been, we understand there were some restaurants throughout the country that could not function at all, their ordering systems have been completely locked up through this, and so they were understandably NCR’s priority for a fix,” Boucher said. “Thankfully, NCR has completed that phase of this rebuilding project and can move on to securely rebuilding the parts of their system that have affected us. With that said, it is a slow process.”

He added, “We understand this has been frustrating to our guests. Believe me, we are just as frustrated as you.” He said the company is in touch with the New Hampshire attorney general’s office, state Department of Business and Economic Affairs, and the New Hampshire Lodging and Restaurant Association. 

“It is not lost on us that our loyalty and gift card programs are two of our guests’ favorites, outside of our food and service; we know the impact this has had on you, and for that, I truly apologize” Boucher said. He said that the business “is doing everything in its power to expedite a resolution while also respecting the need for NCR to approach this situation in a planned and methodical way to ensure the security and sanctity of their system.”