Arby's hit with security breach: hundreds of restaurants affected

The fast food franchise Arby's has confirmed that it was hit with a data security breach, one involving 'malicious software' on its payment card systems. The company went on to state that it notified law enforcement after discovering the breach, as well as 'leading security experts,' one of which was Mandiant. The investigation into the matter is said to still be ongoing, though the malware itself has been removed from the affected systems.

The confirmation was given to Krebs on Security, where Brian Krebs stated that multiple banks and credit unions had reached out to him over the last two days and asked whether Arby's had suffered such a breach. When asked, Arby's confirmed the breach to Krebs, providing the statement below:

Arby's Restaurant Group, Inc. (ARG) was recently provided with information that prompted it to launch an investigation of its payment card systems. Upon learning of the incident, ARG immediately notified law enforcement and enlisted the expertise of leading security experts, including Mandiant. While the investigation is ongoing, ARG quickly took measures to contain this incident and eradicate the malware from systems at restaurants that were impacted.

The data breach only affected Arby's corporate stores and not franchise locations, the company revealed; there are more than 1,000 corporate-owned locations, but not all of them were affected by the malware. It isn't clear how many restaurants were infected with the malware.

The company didn't state how long the systems were infected with the malware, however, a service organization called PSCU, which alerted its member banks about a breach at 'a large fast food restaurant chain,' estimates the breach happened between the end of October 2016 and middle of this past January.

SOURCE: Krebs on Security