Church’s chicken, an American restaurant chain has launched an investigation into a possible data breach involving credit and debit card information.
The company stated that it had detected unauthorised activity in the IT systems used to process payments at some of its 165 restaurants in the US.
“Although our investigation is ongoing, what we currently know suggests that payment cards used at certain restaurants in 2019 may have been impacted,” said a Church’s spokesperson.
It is understood that the breach may have impacted payment cards used at certain Church’s restaurants.
In a statement the company released on its website, the federal authorities and credit reporting agencies have been notified. In addition, the company has retained a leading cybersecurity forensics firm to help “contain and remediate the activity, as well as launch an investigation into the breach.
“The Church’s system uses multiple payment processing systems and, as a result, not all Church’s restaurants – and none of our franchised locations – are believed to be impacted by this incident.”
The company has published a list of 130 restaurants that may have been impacted in Alabama, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, South Carolina, Tennessee and Texas.
A page has been set up by the company to post information and updates about the incident.
“Church’s is committed to protecting the privacy and security of our customers. While our investigation continues, we would like to remind all of our guests to be vigilant and that it is always good practice to review your payment card statements regularly and report any unusual or unauthorized purchases to your card issuer.”
PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.
For more information on upcoming events, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.
Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/