Skip to Content
Security & privacy

If you ate at this restaurant chain, hackers may already have your credit card information

If you use a payment card at all, you’re probably aware of the security risks associated with it. Hacks and compromised point of sales, both offline and online, seem to occur on a regular basis. It’s a sad fact that we simply don’t know where the next attack will occur.

This time, a popular U.S. restaurant chain has been hacked. If you ever used your payment card on one of its locations, you should definitely contact your credit card provider and cancel it immediately.

Read on and find out if you are affected by the latest fast-food chain data breach. You’ll be shocked to learn for how long it’s been going on!

Huddle House Security Breach

On Feb. 1, U.S.-based restaurant chain Huddle House revealed that a malware intrusion was detected in its point-of-sale (POS) systems, impacting its customers’ payment card information.

At this time, the company hasn’t disclosed how many of its locations are affected, but if you used a payment card at a Huddle House restaurant from Aug. 1, 2017, to Feb. 1, 2019, you should assume the worst and figure that the hackers have your payment card information.

Note: Huddle House is a casual and fast-food chain which operates primarily in the southeastern United States. It has over 400 restaurants across 24 states.

Since the malware was designed to read the information of a payment card’s magnetic stripe, the stolen information is extensive. It includes:

  • Cardholder name
  • Credit/debit card number
  • Expiration date
  • Cardholder Verification Value
  • Service code

What happened?

According to Huddle House, criminals were able to infiltrate a third-party POS vendor’s computer systems and used the vendor’s assistance tools to gain remote access and install malware on Huddle House’s corporate and franchisee POS systems.

Here’s the alarming thing about this breach – the hack may have been going on since August 2017 but until now, Huddle House had no idea that its payment systems were compromised. Think about it, for over a year, the malware have been silently collecting payment details without detection!

It took notifications from law enforcement and its credit card processor to inform them that they may be victims of a cyberattack.

Less than 24 hours after being notified, the company said it retained a “leading IT investigation and security firm” to investigate the incident and more importantly, deploy software to prevent further attacks.

Although at this time, their initial investigations haven’t revealed the exact number of Huddle House locations affected, if you’ve used your credit or debit card at any of its restaurants, your information may be at risk.

What’s next?

Although using a payment card at a Huddle House restaurant doesn’t automatically mean that you’re affected, why take the chance?

Whenever a payment system breach like this occurs on an establishment that you patronize, you should be vigilant and do precautionary steps to protect yourself.

As I said, although it’s still unclear how many customers are affected, if you used a payment card at a Huddle House from Aug. 1, 2017, you should cancel your credit card as soon as possible.

Next, review your account statements. You should already be frequently checking your bank statements anyway, but if you see anything that seems out of the ordinary, report it immediately to your bank. 

Keep your eye out for phishing scams, too. Scammers will try to piggyback on data breaches like this. Beware of phishing scams that pretend to be from affected companies like banks, credit bureaus, credit card companies and even Hubble House itself.

Lastly, if you think you are already compromised, put a credit freeze on your accounts as soon as you can. Note: A credit freeze, also known as a security freeze, allows you to restrict access to your credit reports and scores provided by the three major credit bureaus.

Click here to learn how to enable a security or credit freeze.

If a credit freeze sounds too extreme for you due to the restrictions, try a fraud alert instead. When a fraud alert is in place, businesses requesting credit reports must contact you and verify your identity before a new account can be made.

Click here to read Huddle House’s official announcement.

Popular home improvement site hacked – is your personal information at risk?

When you think of home improvement sites, you tend to think of home furnishings like curtains, couches, or kitchen sinks. But, now we have to add data breaches to that list. Recently a huge online home improvement site announced it had suffered a major data breach that might have affected you.

Click or tap to find out how to protect your personal information in this latest data breach.

cryptocurrency e-book hero

New eBook: ‘Cryptocurrency 101’

Don't want to lose your dough to crypto? Check out my new eBook, "Cryptocurrency 101." I walk you through buying, selling, mining and more!

Check it out