Eating “crazy good” comes at a cost. Checkers Drive-In Restaurants, which runs one of the largest chains of drive-thru restaurants in the US under the slogan “crazy good food,” has warned customers that hackers made off with their credit card data.
According to the notice, the long-running breach started as early as 2015, when hackers infected Point of Sale (PoS) systems with malware designed to collect information stored on the magnetic stripe of payment cards. A list of affected restaurants and estimated periods of exposure can be found here. Around 15% of Cherckers restaurants were affected.
For more than three years, the attackers exfiltrated credit card data from customers swiping their cards at those locations, including cardholder name, payment card number, card verification code and expiration date.
“After discovering the issue, we quickly engaged leading data security experts to conduct an extensive investigation and coordinated with affected restaurants and federal law enforcement authorities to address the matter,” the notice reads.
“While we do not know if your specific payment card is affected by this issue, we encourage potentially impacted guests to refer to their payment card statements to identify the payment card they may have used at one of the affected Checkers and Rally’s locations,” it adds.
Checkers instructs customers to contact their financial institution or card issuer if they notice anything suspicious in their bank statements. Affected customers are reminded that they are entitled under U.S. law to one free credit report annually from each of the three nationwide consumer reporting agencies, Equifax, Experian and TransUnion.