Menu
Credit card breach that hit Jimmy John's is larger than originally thought

Credit card breach that hit Jimmy John's is larger than originally thought

An additional 108 restaurants were also affected, said credit-card processor Signature Systems

Signature Systems says the breach of its point-of-sales system that hit 216 Jimmy John's sandwich shops is actually 50 percent larger than originally thought.

The company said Friday that an additional 108 restaurants that use its payment terminals were also hit. The additional locations are independent restaurants not part of the Jimmy John's chain.

The breach is thought to have begun on June 16 when someone began gaining access to the terminals through a user name and password that are normally used to remotely manage the devices. Companies like Signature Systems use remote management so they don't have to send a technician to each store, saving time and money but also opening the devices up to just the sort of attack that happened.

It wasn't until July 30 that the company first learned there could be a problem. It took a week for the malware to be removed from most terminals, although it wasn't completely gone from just about all until mid-September. At some restaurants, the company still hasn't verified that the malware has been removed, but says the attack has been blocked.

The malware installed was capable of stealing the cardholder's name, card number, expiration data and verification code from the magnetic stripe on the back of the card.

Cards used at the affected locations in a three-month period from mid-June were potentially at risk of being compromised. The company has posted a list of all independent restaurants and the time frames in question on its website, and there's a similar list on the Jimmy John's website.

It shows, for example, that at the Roman Delight restaurant in Southampton, Pennsylvania, the malware was present for just four days in mid-June, while at Apollo Pizza in Philadelphia, the malware was present for three months.

The bad news for consumers is that Signature Systems says it's unable to identify the specific cards that were stolen, so it doesn't know the names and addresses of potential victims. The company is asking customers who used payment cards at the restaurants to watch for fraudulent charges and notify their bank if they appear.

Martyn Williams covers mobile telecoms, Silicon Valley and general technology breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's e-mail address is martyn_williams@idg.com


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securitymalwaredata breachSignature Systems

Featured

Slideshows

Meet the leading female front runners of the Kiwi channel

Meet the leading female front runners of the Kiwi channel

Reseller News honoured the leading female front runners of the New Zealand channel at the 2018 Women in ICT Awards (WIICTA) in Auckland. The awards honoured standout individuals across seven categories, spanning Entrepreneur; Innovation; Rising Star; Shining Star; Community; Technical and Achievement.

Meet the leading female front runners of the Kiwi channel
Meet the top performing customer-centric Microsoft channel partners

Meet the top performing customer-centric Microsoft channel partners

Microsoft honoured leading partners across the channel following a year of customer innovation and market growth in New Zealand. The 2018 Microsoft Partner Awards recognised excellence within the context of the end-user, spanning a host of emerging and established providers.

Meet the top performing customer-centric Microsoft channel partners
Reseller News launches new-look Awards at 2018 Judges’ Lunch

Reseller News launches new-look Awards at 2018 Judges’ Lunch

Introducing the Reseller News Innovation Awards, launched to the channel at the 2018 Judges’ Lunch in Auckland. With more than 70 judges now part of the voting panel, the new-look awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors.

Reseller News launches new-look Awards at 2018 Judges’ Lunch
Show Comments