A newly revealed “data incident” may have affected payment cards at 167 Applebee’s locations in 15 states.
The incident was reported by RMH Franchise Holdings, the second-largest Applebee’s franchisee. Malware was reportedly placed on the point-of-sale system at certain RMH-operated Applebee’s locations to capture payment card information and “may have affected a limited number of purchases made at those locations.”
RMH released a full list of the affected locations and dates affected on its data incident webpage. The list includes restaurants in Alabama, Arizona, Florida, Illinois, Indiana, Kansas, Kentucky, Missouri, Mississippi, Nebraska, Ohio, Pennsylvania, Texas, and Wyoming. It appears that the vast majority of these locations were affected from Dec. 6, 2017 to Jan. 2, 2018, but be sure to check the full list for the exact location if you’ve dined in an Applebee’s in any of these states recently.
“Certain guests’ names, credit or debit card numbers, expiration dates and card verification codes” may have been affected during the breach. RMH notes that online payments and payments made using Applebee’s self-pay tabletop devices were not affected by the breach.
RMH discovered the incident on Feb. 13. The company says the incident is now contained and customers will not have any issues using payment cards at these locations.
A Growing Issue
Point-of-sale malware is a growing, frustrating problem. Similar incidents have been seen lately at Jason’s Deli, Whole Foods, and Forever 21 locations. And really, there’s nothing a customer can do to identify such malware — it’s up to the companies to secure their payment systems.
After the fact, as always, be sure to monitor the activity of any payment cards you may have used at any of these Applebee’s locations.
H/T SC Media