Checkers double drive-thru restaurants chain discloses card breach

Checkers and Rally’s, one of the largest chains of double drive-thru restaurants in the United States, disclosed a credit card breach.

“We recently became aware of a data security issue involving malware at certain Checkers and Rally’s locations.” reads a breach notice published by the company. “After discovering the issue, we quickly engaged leading data security experts to conduct an extensive investigation and coordinated with affected restaurants and federal law enforcement authorities to address the matter.”

According to the security notice, crooks breached the systems of the company and planted a PoS malware in its payments processing system allowing an unauthorized party to siphon payment card data of some guests. The malware only infected the point-of-sale systems at some Checkers and Rally’s locations.

“The malware was designed to collect information stored on the magnetic stripe of payment cards, including cardholder name, payment card number, card verification code and expiration date.” continues the notice. “Based on the investigation, we have no evidence that other cardholder personal information was affected by this issue.”

The company provided a list of the affected locations and the estimated windows of exposure during which the PoS malware was used to steal the guests’ card data.

102 restaurants have been impacted, roughly 15% of all of the locations.

Most of the impacted locations have been infected with the PoS malware between early 2018 and 2019, the list also includes some locations compromised back in 2017, and one infection dates back September 2016.

Checkers declared that the malicious code was completely removed from the payment systems in April 2019.

The company reported the card breach to the authorities and hired third-party security experts to contain and remove the malware

“After identifying the incident, we promptly launched an extensive investigation and took steps to contain the issue. We also are working with federal law enforcement authorities and coordinating with the payment card companies in their efforts to protect cardholders,” reads the notice Checkers. “We encourage you to review your account statements and contact your financial institution or card issuer immediately if you identify an unauthorized charge on your card. The payment card brands’ policies provide that cardholders have zero liability for unauthorized charges that are reported in a timely manner.”

The company encourages potentially affected guests to review their account statements and contact their financial institution or card issuer immediately if they identify an unauthorized charge on card.

Clients are entitled under U.S. law to one free credit report annually from each of the three nationwide consumer reporting agencies.

If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

Thank you

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.

APPLY NOW

10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase

X