US restaurant chain Golden Corral is informing roughly 180,000 individuals that their personal information was stolen in a data breach.
The incident, the company says, was identified on August 15, 2023, and led to the disruption of certain corporate operations.
The investigation that ensued determined that a threat actor accessed certain systems and “acquired certain data relating to current and former employees and beneficiaries between August 11, 2023 until August 15, 2023”.
Recently concluded, the review of the compromised data determined that it includes names, Social Security numbers, driver’s license numbers, financial account information, medical information, health insurance information, and credentials.
“After determining the scope of information in the potentially impacted files, Golden Corral undertook efforts to locate address information for the affected individuals. That review process completed on January 26, 2024. Golden Corral then put resources in place to assist and provide direct notice,” the company says.
On February 16, Golden Corral started notifying the potentially impacted individuals and regulatory agencies of the incident. A total of more than 183,000 individuals were affected, the company informed the Maine Attorney General’s Office.
“While Golden Corral is unaware of the misuse of any personal information impacted by this event, individuals are encouraged to remain vigilant against incidents of identity theft by reviewing account statements and explanations of benefits for unusual activity,” the company says.
The restaurant chain is providing affected individuals with free access to credit monitoring services and with guidance on how to protect themselves against identity theft and fraud.
Golden Corral is facing class action lawsuits over the data breach. Several consumer rights law firms have already publicized their interest on the matter and at least three lawsuits were filed this week in the North Carolina Eastern District Court.
One of the complaints, filed by a former employee, claims that, although aware of the potential risks, Golden Corral failed to take the appropriate measures to secure the personal information it collected.
Related: LoanDepot Ransomware Attack Exposed 16.9 Million Individuals
Related: 230k Individuals Impacted by Data Breach at Australian Telco Tangerine
