The listings featured on this site are from companies from which this site receives compensation and some are co-owned by our parent company. This influence: Rank and manner in which listings are presented.
Learn more
The How To Guide was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on The How To Guide are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

The How To Guide was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: Holiday.com, ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on The How To Guide are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

NCR's Aloha POS System Disrupted by Ransomware Attack

NCR's Aloha POS System Disrupted by Ransomware Attack
Author Image Husain Parvez
Husain Parvez First published on April 19, 2023 Cybersecurity Researcher

NCR Global, the American software and technology company, has suffered an outage of its Aloha point-of-sale (POS) platform across several restaurants. After a few days of radio silence, NCR disclosed the outage was caused by a ransomware attack on a data center responsible for powering the service. The technology platform provider confirmed the situation in a press release, stating the following:

"On April 13, NCR determined that a single data center outage that is impacting some functionality for a subset of its commerce customers was caused by a cyber ransomware incident. Upon such determination, NCR immediately started contacting customers, enacted its cybersecurity protocol and engaged outside experts to contain the incident and begin the recovery process. The investigation into the incident includes NCR experts, external forensic cybersecurity experts and federal law enforcement."

According to a statement by NCR to BleepingComputer, the current outage affecting their Aloha POS platform is specific to a subset of their hospitality customers. Moreover, NCR has stated that the blackout has only affected a "limited number of ancillary Aloha applications." That being said, some Aloha POS users on Reddit have claimed “significant issues in their business operations” have been caused by the outage.

NCR has confirmed that customers affected by the ransomware attack are experiencing reduced functionality in administrative functions. However, in-restaurant purchases and transactions continue to operate as usual.

The ransomware attack on NCR's Aloha POS platform has been claimed by the ransomware group BlackCat, which also goes by Alphv and Noberus. According to cybersecurity researcher Dominic Alvieri, who first noticed the hack gang’s now-deleted post, the ransomware group claimed that NCR representatives contacted them to find out what type of data had been stolen. Although the hackers did not allegedly steal any NCR data, they did obtain "a lot of credentials" to access NCR client networks.

The removal of the post mentioning NCR from the BlackCat ransomware group's leaked website indicates that negotiations may have begun. NCR stated that it has “a clear path to recovery,” and the company is “working around the clock to restore full service for our customers.”

About the Author

  • Author Image Husain Parvez
  • Husain Parvez Cybersecurity Researcher

Husain Parvez is a Cybersecurity Researcher and News Writer at The How To Guide, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the The How To Guide Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

This field must contain more than 50 characters

The field content should not exceed 1000 letters

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address