Checkers restaurant chain discloses card breach

POS malware discovered installed at 102 Checkers and Rally's restaurants.

Hamburger

Checkers and Rally's, one of the biggest drive-thru restaurant chains in the US, disclosed a security incident yesterday that impacted over 100 locations.

In a security notice published on its website, the company said hackers breached its systems and planted malware on its payments processing system.

The malware was designed to collect information from the magnetic stripe of payment cards and was capable of detecting and extracting data such as the cardholder name, payment card number, card verification code, and expiration date.

15% of Checkers' and Rally's restaurants impacted

Not all Checkers restaurants were impacted. The company listed the addresses and the dates during which the malware was active on the network of each of the impacted restaurants.

The list includes the addresses of 102 drive-thru restaurants, operating under the Checkers or the Rally's brands. The company said this amounted for 15% of all of its locations.

Most of the impacted restaurants had POS malware installed on their systems between early 2018 and 2019; however, some restaurants were infected in 2017, and the earliest infection date was in September 2016. Most of the restaurants were cleaned in April 2019, when Checkers appears to have discovered the intrusion.

Only customers who paid for meals and other products using their payment cards during infection periods are impacted.

The company said it contracted third-party security experts to help with the investigation.

"We also are working with federal law enforcement authorities and coordinating with the payment card companies in their efforts to protect cardholders," Checkers said. "We encourage you to review your account statements and contact your financial institution or card issuer immediately if you identify an unauthorized charge on your card. The payment card brands' policies provide that cardholders have zero liability for unauthorized charges that are reported in a timely manner."

Additional information for affected users is available in Checkers and Rally's' security notice.

More data breach coverage: