The 266-location Jason's Deli is notifying its customers that their payment card information may have been compromised through a point of sale data breach.
The restaurant chain, which has shops in 28 states, said in a statement that it was notified by MasterCard security on December 22, 2017 that a large number of its customer's payment card information had been found on the dark web and some of it may have originated from Jason's Deli locations.
“Jason's Deli's management immediately activated our response plan, including engagement of a leading threat response team, involvement of other forensic experts, and cooperation with law enforcement. Among the questions that investigators are working to determine is whether in fact a breach took place, and if so, to determine its scope, the method employed, and whether there is any continuing breach or vulnerability,” the company said.
The chain did not say how many people may be affected, but did say there is an on-going investigation and in the meantime customers should keep an eye on their payment card transactions for nefarious activity.
Retailers including Forever 21, Sonic Drive-In and Brooks Brothers all reported similar breaches last year.