If you’ve been to Arby’s lately, you might want to check your credit or debit card information.
Arby’s is investigating a breach that could have affected 355,000 customers at hundreds of its stores, according to Krebs on Security.
There seemed to be malware spotted in Arby’s payment systems, but it only affected the corporate-owned restaurants, and not independently-owned franchises.
Although they didn’t even know about the breach until mid-January, they said they were able to contain it and get rid of the malware.
There were rumors about the breach going around, as Public Service Credit Union, the largest credit union in the US, received an alert that more than 355,000 Visas and MasterCards were compromised.
Krebs on Security spoke to an Arby’s spokesperson, who said:
“Arby’s Restaurant Group, Inc. (ARG) was recently provided with information that prompted it to launch an investigation of its payment card systems. Upon learning of the incident, ARG immediately notified law enforcement and enlisted the expertise of leading security experts, including Mandiant.”
Arby’s declined to comment on how long the malware was in the system, but PSCU said it could have been between October 25, 2016 to January 19, 2017.
There are thousands of Arby’s in the US and it’s hard to tell which are corporate or franchise-owned, but if you’ve eaten there in the last three months, you should just make sure everything’s square with your payment cards.