Church’s Chicken investigates payment-card data breach; Checkers expands malware probeChurch’s Chicken investigates payment-card data breach; Checkers expands malware probe

Heading into the busy winter holiday shopping season, at least three restaurant brands have updated customers on possible data breaches and one restaurant payment platform has reportedly suffered a security lapse.

Atlanta-based Church’s Chicken last week said it was investigating a potential payment-card data breach at as many as 165 of its company-owned restaurants in 11 states.

Tampa, Fla.-based Checkers Drive-in Restaurants Inc. the week before said a malware issue that impacted some of its Checkers and Rally’s locations, first announced in May, had expanded with at least one more location identified and the discovery that the malware had been reinstalled at several locations after it was first identified.

Dallas-based On the Border on Tuesday said it was investigating a potential security incident that involved a payment-processing system that services some of its restaurants. The incident involved payments between April 10 and Aug. 10. More details were posted at its security website.

Meanwhile, Fort Lauderdale, Fla.-based MyPayTab, which supplies some U.S. restaurants with card and mobile payment terminals, had suffered a security lapse that exposed consumer date, according to a report at vpnMentor.

The possible Church’s data breach was identified last month at company-owned units in 11 states: Alabama, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, South Carolina, Tennessee and Texas. The company provided a list of suspected locations at a special website.

Related:Huddle House warns of possible data breach

“Our company has retained a leading cybersecurity firm to help us determine exactly what happened and what more we can do moving forward to keep our customers' data secure,” Church’s said in a statement.  “We are also cooperating with federal law enforcement and have notified the payment card networks and credit reporting agencies, to mitigate any potential for harm to our customers.”

Church’s said its investigation into the incident is ongoing and it would provide updates at www.churchs.com/security.  Customers may also call the company’s hotline at (866) 345-6788.

Church’s has more than 1,500 locations. “We believe the incident may have impacted payment cards, including payment card numbers, names and expiration dates,” the company said.

Checkers said it became aware of the expanded malware issue in October.

“After conducting a further investigation with leading data security experts, Checkers also determined that the malware had been re-installed at several of the locations the company previously identified as being affected by this issue,” it said in a statement. “The company has taken steps to contain and remove the malware and is coordinating closely with federal law enforcement authorities in their investigation of the matter.”

A list of the locations affected by the additional activity and the estimated dates of exposure is available at www.checkers.com/security-issue.

Checkers operates and franchises nearly 900 Checkers and Rally's restaurants across the United States.

Update Nov. 26, 2019: This story has been updated to include information about On the Border's investigation.

Contact Ron Ruggless at [email protected]

Follow him on Twitter: @RonRuggless