Checkers Drive-In Restaurants, Inc. on Wednesday informed customers that malware had been found on point-of-sale (PoS) systems at some of its Checkers and Rally’s restaurants.
Checkers Drive-In Restaurants operates roughly 800 Checkers and Rally’s restaurants across nearly 30 states. The data breach impacted 102 locations in 20 states, which represents roughly 15 percent of the company’s restaurants.
The list of impacted states includes Alabama, Florida, California, Delaware, Florida, Georgia, Illinois, Indiana, Kentucky, Louisiana, Michigan, Nevada, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Tennessee, West Virginia and Virginia.
The company said it launched an investigation after becoming aware of a “data security issue involving malware.” The investigation revealed that cybercriminals had planted malware designed to steal data stored on the magnetic stripe of payment cards. The compromised information includes cardholder name, payment card number, expiration date and card verification code.
Checkers Drive-In Restaurants said there was no evidence that other type of data was stolen and pointed out that “not all guests who visited the listed restaurants during the relevant time periods are affected by this issue.”
The timeframe when the malware was present on PoS systems varies for each of the impacted restaurants, but in some cases the malware was apparently planted as early as 2015 and 2016.
The company has contracted a third-party cybersecurity firm to help it contain the incident and remove the malware from its systems. Law enforcement has also been notified.
“When looking at the full details provided by Checkers and Rally, some of the venues that were infected with the malware were targeted as far back as 2015. This means the attackers had years to make use of the stolen financial data and cover their tracks,” Shlomie Liberow, technical program manager at HackerOne, told SecurityWeek.
“This breach is an example of one that really reminds us that any connected device is an attack surface and it’s not just online stores that face cybercriminal activity – with cybercriminal activity infringing even closer on the ‘real world’, we can see this as almost the modern equivalent of robbing the till, except in this example, it’s very much Checkers’ customers who are going to be financially disadvantaged here.
“While it is yet to be confirmed if money was stolen from affected customers, unfortunately, it’s now going to be up to those individuals who think they did pay for fast food at the affected outlets to check their bank statements and credit reports to alert their providers to any fraudulent activity,” Liberow added.
Several major restaurant companies reported suffering payment card breaches in the past year, including Earl Enterprises, Huddle House, Chili’s, Applebee’s, and Cheddar’s Scratch Kitchen.
Related: Breach at PoS Firm Hits Hundreds of U.S. Restaurants, Hotels
Related: Payment Card Breach Hits Over 260 Caribou Coffee Stores

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Google Patches Third Chrome Zero-Day of 2023
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
- Verizon 2023 DBIR: Human Error Involved in Many Breaches, Ransomware Cost Surges
- Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations
Latest News
- Consolidate Vendors and Products for Better Security
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
