The Caribou Coffee chain has reported that its point of sale system was hacked, resulting in a data breach affecting dozens of locations, primarily in Minnesota.

The breach was noticed on Nov. 28, after which time Caribou Coffee hired the security firm Mandiant to investigate. Mandiant reported two days later that unauthorized persons had accessed the chain’s point of sale system. The Mandiant team locked down the system, blocking any further entry.

Customers who used a payment card at one of the 273 company-owned stores may have had their names and credit card information, including card numbers, expiration dates and security codes exposed, the company reported. However, anyone who made a purchase using their Caribou Coffee Perks account or other loyalty account were not affected. There are also 123 franchise locations that were not involved.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.