The Caribou Coffee chain has reported that its point of sale system was hacked, resulting in a data breach affecting dozens of locations, primarily in Minnesota.
The breach was noticed on Nov. 28, after which time Caribou Coffee hired the security firm Mandiant to investigate. Mandiant reported two days later that unauthorized persons had accessed the chain’s point of sale system. The Mandiant team locked down the system, blocking any further entry.
Customers who used a payment card at one of the 273 company-owned stores may have had their names and credit card information, including card numbers, expiration dates and security codes exposed, the company reported. However, anyone who made a purchase using their Caribou Coffee Perks account or other loyalty account were not affected. There are also 123 franchise locations that were not involved.
In addition, catering orders placed online with Bruegger’s Bagels, Einstein Bros. Bagels, Manhattan Bagel and Noah’s NY Bagels,
all of which fall under the Caribou Coffee corporate umbrella, were also not affected by this breach.