Arby's says it had a major data breach
Arby's had a data breach in mid-January where more than 350,000 credit and debit cards could be at risk, according to several reports.
"Hundreds of thousands of cards is a big number, and with the Wendy's breach, the alerts we were getting from Visa and MasterCard were in the six-digit ranges for sure," Dan Berger, president and CEO of the National Association of Federal Credit Unions, told a blog that covers security. "That's probably one of the biggest numbers I've heard."
Christopher Fuller, Arby's senior vice president of communications, told reporters the breach affected only some of the chain's roughly 1,000 corporate locations and that none of its franchised restaurants were affected.
Malware infected the point-of-sales systems and caused the breach but has since been removed.
Once malware is installed in a company's point-of-sales system, attackers can remotely steal information from every card swiped. That data is often sold to thieves who specialize in putting stolen credit card numbers onto any card with a magnetic strip. From there, they can purchase pricey items and gift cards on someone else's dime.
Wendy's had a similar data breach in 2016. Over 1,000 of its restaurants were affected.
And other big businesses have been hacked through their point-of-sales systems in recent years, like Home Depot and Target.
Arby's says it notified authorities as soon as it knew about the data breach and had several computer security firms fix the issue.
The company says customers should check their credit card statements for any suspicious activity. If there are any unauthorized payments, report them to the bank immediately.