SAN FRANCISCO — Malware on cash registers at Arby’s fast food restaurants may have resulted in the breach of more than 355,000 credit and debit cards.
The incident was first reported by security researcher and writer Brian Krebs and may have affected cards used at hundreds of the chain’s restaurants. Only Arby’s restaurants owned by the Atlanta, Ga.-based company were affected, not its franchises.
The malware allowed attackers to remotely steal data from each credit card as it is swiped at the cash register. This is the same type of point-of-sale attack behind the mammoth credit card breaches at Target and Home Depot.
Arby’s Restaurant Group, Inc. said in a statement that it had recently launched an investigation of its payment card systems after learning of a possible data breach. The company immediately notified law enforcement and hired computer security companies to investigate.
It also eradicated the malware from systems at restaurants that were impacted, the company said.
Initial reports of the attack appear to have come from PSCU, a credit union service group and occurred between Oct. 25, 2016 and January 19, 2017, Krebs reported.
That could mean that problems with non-credit union issued credit and debit cards have yet to be reported, which could mean that more breached accounts will be reported over time.
READ MORE: WKYC.com
Article Courtesy of Elizabeth Weise, USA TODAY, and WKYC Channel 3 News Cleveland
Picture Courtesy of youngID and Getty Images