Skip to Content
Security & privacy

Did you eat at one of these restaurants? Hackers may have stolen your credit card info

Hackers are dipping their fingers into just about everything these days. All it takes is a simple mistake—  like downloading the wrong app or visiting the wrong website — and suddenly your phone is bombarding you with pop-up ads and fraudulent subscription charges.

But what about the real world? Are we any safer just because we choose to spend our time and money offline? As it turns out, most payment systems and infrastructure are connected to the web, which means hackers and cybercriminals aren’t too far off.

That’s exactly what victims of this latest hacking spree are learning the hard way. Four popular American food chains revealed that their point-of-sale system (POS) had been hacked — with three months of payment card info harvested to the dark web. Learn which restaurants were affected by this hack and what you can do if your card was pilfered by cybercriminals.

4 restaurants and stores hit with 3-month-long malware spree

According to security reports from analysts at BleepingComputer, restaurant franchise owner Focus Brands announced via press release that three of their popular chain restaurants had been victims of a malware attack spanning the course of three months.

Visitors of Moe’s Southwest Grill, McAllister’s Deli and Schlotzky’s from April 11 to July 22, 2019 may have had their credit card information compromised thanks to an infected POS.

During the same period of time, convenience store chain Hy-Vee was also hit with the same malware and is suspected to have been targeted by the same entities as the Focus Brands chains. Hy-vee’s breach, however, continued well into August of 2019.

According to the press releases, not every store within these four chains was affected by the breach — and most of the actual theft occurred during a period of days in late July. There is no indication of exactly how many cardholders were affected, nor is there confirmation on the financial extent of the damage.

I visited these chains over the summer! Am I affected by this breach?

To help customers who may have been affected by the hack, Focus Brands has put together pages that link to a timetable of the incidents. This allows customers to compare their bank statements with the dates the hacks occurred to determine their risk.

The pages also take pains to recommend contacting a credit reporting bureau and potentially freezing credit in the event they may have been compromised. Hy-Vee also released a page for customers with a lookup tool, which allows people to determine if they were affected by the security breach.

Click or tap below to see if you were affected by this POS hack.


Bonus: Sign up for Kim’s Fraud and Security Alert newsletter for more breaking security updates

With so many dangerous scams and hacks happening around the web, you’ll want to be in-the-know about the best ways to protect yourself and your data.

Don’t miss the news you need to know! Tap or click here to sign up for Kim’s Alerts newsletter, and be the first to learn about product recalls, data breaches and breaking tech news.

Ask me your digital question!

Navigating the digital world can be intimidating and sometimes downright daunting. Let me help! Reach out today to ask your digital question. You might even be on my show!

Ask Me