Company News

Arby's Says It Had A Major Data Breach

The fast-food chain says it happened in mid-January. More than 350,000 credit and debit cards might be at risk.

Arby's Says It Had A Major Data Breach
Arby's
SMS

It looks like a group of hackers recently got their hands on a lot more than roast beef from Arby's.

According to several reports, the fast food chain had a data breach in mid-January. More than 350,000 credit and debit cards could be at risk.

"Hundreds of thousands of cards is a big number, and with the Wendy’s breach, the alerts we were getting from Visa and MasterCard were in the six-digit ranges for sure," Dan Berger, president and CEO of the National Association of Federal Credit Unions, told a blog that covers security. "That’s probably one of the biggest numbers I've heard."

Christopher Fuller, Arby's senior vice president of communications, told reporters the breach affected only some of the chain's roughly 1,000 corporate locations and that none of its franchised restaurants were affected.

Malware infected the point-of-sales systems and caused the breach but has since been removed.

Wendy's Reports Possible Credit Card Breaches At Multiple Restaurants
Wendy's Reports Possible Credit Card Breaches At Multiple Restaurants

Wendy's Reports Possible Credit Card Breaches At Multiple Restaurants

Krebs On Security reports that Wendy's is looking into reports of credit card breaches dating back to the end of last year.

LEARN MORE

Once malware is installed in a company's point-of-sales system, attackers can remotely steal information from every card swiped. That data is often sold to thieves who specialize in putting stolen credit card numbers onto any card with a magnetic strip. From there, they can purchase pricey items and gift cards on someone else's dime.

Wendy's had a similar data breach in 2016. Over 1,000 of its restaurants were affected.

And other big businesses have been hacked through their point-of-sales systems in recent years, like Home Depot and Target.

Arby's says it notified authorities as soon as it knew about the data breach and had several computer security firms fix the issue.

The company says customers should check their credit card statements for any suspicious activity. If there are any unauthorized payments, report them to the bank immediately.