Restaurants in the US are suing Radiant Systems and its distributor, alleging that Radiant's point of sale (POS) software was not compliant with the credit card security standard, PCI DSS.
The companies have all had customer data stolen by hackers and have suffered financial loss as a result. They have been fined by banks and card firms for breaching PCI DSS and have had to pay for audits.
The restaurants allege that Radiant Systems sold older versions of its Aloha software which were not PCI DSS compliant. They claim that reseller Computer World used default passwords when managing systems which made it easier for hackers to steal data.
"There were a number of very serious PCI violations and poor practices that any POS supplier and reseller would be expected to avoid," alleged attorney Charles Hoff, general council for the Georgia Restaurant Association, who is representing the seven restaurants
The restaurants are taking action as a group and the extent of the problem could be wider, said Charles Hoff. "Radiant Systems and Computer World were trying to convince the court that it was improper to have a collective action but the court ruled against them."
He said as a result there are more asking to join the group action.