The American drive-in fast-food restaurant chain operator, Sonic Corp., said that the company had been the victim of a malware attack at some Sonic locations that have allowed hackers to access customer’s debit and credit card information, the latest in a string of data breaches. The company said in a statement, “we are working to understand the nature and scope of this issue, as we know how important this is to our guests.”
Sonic’s shares dropped 2 percent to $24.73 after it confirmed the data breach.
According to a security news website, the breach in the Sonic’s payment system has resulted in around 5 Mn stolen debit and credit card accounts being “peddled in shadowy underground cybercrime stores.”
The Oklahoma City-based drive-in chain, with 3,500 restaurants which operate across 45 U.S. states, did not divulge the number of store payment systems that have been affected, the specific time frame of the incident, or the nature of the attack – whether it came through the company’s point-of-sale system, or whether hackers used remote access software to install malware that collects those numbers.
In Wake of Data Breach
As a result, after the 3,600-unit quick-service chain acknowledged that its credit card processor notified it of “unusual security regarding usage of credit cards at Sonic,” the company said it is offering two years free fraud detection and identity theft protection for customers who used their cards at its locations.
Customers who used the card at Sonic’s locations any time this year can receive the free identity theft protection through Experian’s Identity Works program and they are given until December 31, 2017, to register and enroll.
The fast-food company confirmed that it is working with third-party forensic experts and law enforcement officials about the incident.
“Your trust in Sonic is important to us, and we sincerely regret any inconvenience this may cause,” the company said in a statement.
Data Breach Victims
Sonic is not the first restaurant to have experienced such issues. In fact, numerous restaurant chains in recent years have been recorded victims of data security incidents, including Shoney’s Arby’s and Chipotle Mexican Grill Inc. earlier this year.
Last year, Wendy’s announced that hackers could steal debit and credit card information of customers at over 1,000 locations at U.S. Wendy’s confirmed that hackers obtained names, card numbers, expiry dates, and codes of the card at that time. Some cards of customers were used at other stores to make fake purchases.
Last week, Whole Foods, which Amazon recently acquired for $13.7 billion, said that payment card information had been stolen from taprooms, restaurants, and other places located within some of its stores.
Last month, credit reporting firm, Equifax Inc., had revealed that personal details of up to 143 million U.S. consumers were accessed by hackers between mid-May and July, in one of the biggest data breaches in the country.
HQBroker is here to give you a daily news roundup about the forex, commodities, technologies, automobiles, and economies. You can open an account now and make yourself updated with essential news in the market.