Restaurant chains Moe’s Southwest Grill, McAlister’s Deli, and Schlotzsky’s were hit earlier this year by a payment card breach that has impacted hundreds of locations.
It appears that cybercriminals managed to steal information associated with payment cards used at the affected restaurants by installing a piece of malware designed to search for and harvest payment card data as it passed through a restaurant’s server.
Moe’s, McAlister’s and Schlotzsky’s are owned by Focus Brands, an affiliate of Atlanta-based private equity firm Roark Capital Group. It’s likely that the restaurant chains share some infrastructure, which enabled the attackers to target all of them roughly at the same time.
The restaurants first notified their customers of a data breach on August 20, shortly after discovering the intrusion. The investigation launched into this incident is nearly completed and they have determined that each restaurant was hit at different times between April and July. Moe’s and McAlister’s were hit between April 29 and July 22, while Schlotzsky’s determined that the malware was present between April 11 and July 22.
Moe’s, McAlister’s and Schlotzsky’s have a total of approximately 1,500 locations across the United States. Their customers can see the list of affected restaurants based on postal code or state and city. Hundreds of locations appear to have been impacted, but the companies say the cybercriminals did not manage to deliver the malware to all restaurants and claim that in most cases the malware was only present for a few weeks in July.
In the case of Schlotzsky’s and Moe’s, the investigations uncovered other, unrelated data breaches at one and two locations, respectively.
“Moe’s Southwest Grill, McAlister’s Deli, and Schlotzsky’s quickly took measures to contain the incident, remove the unauthorized code, and they are working to implement measures to further enhance payment card security. Nonetheless, it is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for any unauthorized activity,” the restaurants said in a joint press release.
Related: Buca di Beppo, Planet Hollywood Restaurants Hit by Card Breach
Related: Chili’s Restaurants Hit by Payment Card Breach
Related: Breach at PoS Firm Hits Hundreds of U.S. Restaurants, Hotels
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Siemens License Manager Vulnerabilities Allow ICS Hacking
- CISA Releases Open Source Recovery Tool for ESXiArgs Ransomware
- ICS Cybersecurity Firm Opscura Launches With $9.4 Million in Series A Funding
- Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
- VMware Says No Evidence of Zero-Day Exploitation in ESXiArgs Ransomware Attacks
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
Latest News
- Skybox Security Raises $50M, Hires New CEO
- Spies, Hackers, Informants: How China Snoops on the US
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Application Security Protection for the Masses
- Tor Network Under DDoS Pressure for 7 Months
- Siemens License Manager Vulnerabilities Allow ICS Hacking
- UN Experts: North Korean Hackers Stole Record Virtual Assets
