Multiple sources in the financial industry have found a pattern of fraud on customer cards, with the latest victim of a breach looking to be Shoney’s, a 70-year-old restaurant chain that operates primarily in the southern United States.
Krebson Security reports that the privately held restaurant chain includes approximately 150 company-owned and franchised locations in 17 states, from Maryland to Florida in the East and from Missouri to Texas in the West, with the northernmost location being in Ohio.
These financial sources say they’ve received confidential alerts from the credit card associations about suspected breaches at dozens of Shoney’s locations, although it’s unknown if the issue is limited to those locations or if it extends company-wide. The breach is believed to have occurred between December 2016 and early March 2017.
Right now, Shoney’s isn’t responding to the reports, and it’s not sure of the breach affects corporate-owned or franchised stores.
Last year, hundreds of Wendy’s restaurants had a breach, with only franchised locations thought to have been impacted. Arby’s, on the other hand, had a breach that only affected corporate stores.
The majority of the breaches involving restaurant and hospitality chains over the past few years have been traced back to point-of-sale devices that were remotely hacked with card-stealing malicious software. In response, many retailers are installing card readers that can complete transactions from more secure chip-based credit and debit cards.