Arby’s… they have the meats; they also have a pretty major security breach.

Apparently malware on the cash register operating system led to the loss of over 350,000 credit and debit card numbers and data.

According to MLive, the security breach was first reported by krebsonsecurity.com’s Brian Krebs who said that the breach affected only corporate owned Arby’s and not the franchised locations.  Problem is, Arby’s has yet to announce which locations are corporate and which are locally owned.

From MLive, Arby’s statement on the breach:

"Arby's Restaurant Group, Inc. (ARG) was recently provided with information that prompted it to launch an investigation of its payment card systems.  ARG immediately notified law enforcement and enlisted the expertise of leading security experts, including Mandiant.  While the investigation is ongoing, ARG quickly took measures to contain this incident and eradicate the malware from systems at restaurants that were impacted.

 

ARG reminds guests that it is always advisable to closely monitor their payment card account statements for any unauthorized activity. If guests discover any unauthorized charges, they should report them immediately to the bank that issued their card."

They're really not owning up to it, even though they did remove the malware, so they know it was there.

It looks like the breach happened sometime between October 25, 2016 and January 19th, 2017.

Since there’s no easy database search to find out if the Arby’s you dined at was a corporate store or not, it’s suggested that if you know you used your card at Arby’s between those dates, check your bank account regularly to make sure you’re not a victim of the security breach.

source: MLiveKrebsonSecurity