CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now
Connect with us

Hi, what are you looking for?



Malware Found on PoS Systems at Checkers and Rally’s Restaurants

Checkers Drive-In Restaurants, Inc. on Wednesday informed customers that malware had been found on point-of-sale (PoS) systems at some of its Checkers and Rally’s restaurants.

Checkers Drive-In Restaurants, Inc. on Wednesday informed customers that malware had been found on point-of-sale (PoS) systems at some of its Checkers and Rally’s restaurants.

Checkers Drive-In Restaurants operates roughly 800 Checkers and Rally’s restaurants across nearly 30 states. The data breach impacted 102 locations in 20 states, which represents roughly 15 percent of the company’s restaurants.

The list of impacted states includes Alabama, Florida, California, Delaware, Florida, Georgia, Illinois, Indiana, Kentucky, Louisiana, Michigan, Nevada, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Tennessee, West Virginia and Virginia.

The company said it launched an investigation after becoming aware of a “data security issue involving malware.” The investigation revealed that cybercriminals had planted malware designed to steal data stored on the magnetic stripe of payment cards. The compromised information includes cardholder name, payment card number, expiration date and card verification code.

Checkers Drive-In Restaurants said there was no evidence that other type of data was stolen and pointed out that “not all guests who visited the listed restaurants during the relevant time periods are affected by this issue.”

The timeframe when the malware was present on PoS systems varies for each of the impacted restaurants, but in some cases the malware was apparently planted as early as 2015 and 2016.

The company has contracted a third-party cybersecurity firm to help it contain the incident and remove the malware from its systems. Law enforcement has also been notified.

“When looking at the full details provided by Checkers and Rally, some of the venues that were infected with the malware were targeted as far back as 2015. This means the attackers had years to make use of the stolen financial data and cover their tracks,” Shlomie Liberow, technical program manager at HackerOne, told SecurityWeek

Advertisement. Scroll to continue reading.

“This breach is an example of one that really reminds us that any connected device is an attack surface and it’s not just online stores that face cybercriminal activity – with cybercriminal activity infringing even closer on the ‘real world’, we can see this as almost the modern equivalent of robbing the till, except in this example, it’s very much Checkers’ customers who are going to be financially disadvantaged here.

“While it is yet to be confirmed if money was stolen from affected customers, unfortunately, it’s now going to be up to those individuals who think they did pay for fast food at the affected outlets to check their bank statements and credit reports to alert their providers to any fraudulent activity,” Liberow added.

Several major restaurant companies reported suffering payment card breaches in the past year, including Earl Enterprises, Huddle House, Chili’s, Applebee’s, and Cheddar’s Scratch Kitchen.

Related: Breach at PoS Firm Hits Hundreds of U.S. Restaurants, Hotels

Related: Payment Card Breach Hits Over 260 Caribou Coffee Stores

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...