CCC Restaurant Enterprises, LLC, the company that operates Popeyes Louisiana Kitchen, announced a data security breach that could have affected credit and debit cards used at the restaurants. The payment processing system for the popular food chain was compromised last year between May 5 and August 18 at select locations.
Information gathered during the breach may include cardholder names, debit and credit card numbers, expiration dates, and security codes. As always, consumers are encouraged to monitor their financial accounts and report any unauthorized charges to their bank or credit card provider.
The company found malware on the payment terminals for physical locations of the restaurant. Merchandise, gift cards, or other items purchased online were not involved with the hack. Most of the affected locations were in Texas, but there were two in North Carolina and one in Georgia. The malware was active at different times at each of these locations, so not all customers during the May-August time period were affected.
Popeyes says it has “contained the incident” and that the cards compromised during the data breach are no longer at risk. They have hired a third-party forensics team to monitor their systems and provide enhanced security against future events.