If you have visited an Arby’s fast food restaurant since last October, you may be one of the hundreds of thousands of people affected by the company’s credit card data breach.
The restaurant found that its computer systems in some US stores were breached by malware, allowing attackers to remotely steal data from each swiped credit card at the cash register.
According to Brian Krebs, security researcher and writer, the breach occurred between October 25, 2016 and January 15, 2017 and could have resulted in data from over 355,000 credit and debit cards being extracted.
Krebs reported that ‘the first clues about a possible breach at the sandwich chain came in a non-public alert issued by PSCU, a service organization that serves more than 800 credit unions.’
He also stated that only cards used in Arby’s corporate restaurants (around 1,000) were affected, but none of its franchise restaurants operated by third parties.
An Arby’s spokesperson stated that the restaurant chain has eliminated the malware that infected its point-of-sales systems that led to the breach. The company also notified law enforcement after it learned of the breach and contacted several computer security firms to assist.
The company asked its customers to check their credit card statements for any unauthorized payments and to report any suspicious activity immediately to the bank that issued their card.
A report released by Risk Based Security stated that the United States is in the midst of a ‘a national nightmare’ for data hacking, noting that there were 4,149 data breaches reported during 2016, which exposed over 4.2 billion records.
The point-of-sales systems of various retail chains have been a favorite hacking target for years. Wendy’s, Home Depot and Target have also fallen prey of malware being installed into their payment systems, with sensitive customer data being stolen.