Investigation launched after customers’ payment card details are compromised
A number of Applebee’s restaurants were hit by a point-of-sales (POS) “data incident” which resulted in the loss of some customers’ personal information and card details.
Locations across the US suffered in the POS systems incident, which was discovered on February 13 but was only reported last week.
The affected restaurants were owned by RMH Franchise Holdings, the second-largest Applebee’s franchisee, which confirmed the data breach.
According to RHM, the names of customers, credit or debit card numbers, as well as the expiration dates and verification codes of cards could have been stolen.
RMH claims that following the discovery, it took steps to “ensure it had been contained” and launched an investigation.
The company also consulted third-party cybersecurity experts and informed law enforcement.
Customers who made online payments or used the self-pay tabletop devices were not affected in the breach, RMH said.
A statement on the company’s website read: “RMH also notified law enforcement about the incident and will continue to cooperate in their investigation.
“Moving forward, RMH is continuing to closely monitor its systems and review its security measures to help prevent something like this from happening again.
“RMH is pleased to report that the incident has been contained and guests may use their cards with confidence at the RMH Applebee’s locations that were affected by this incident.”
RMH has now advised customers to keep an eye on their bank statements for any suspicious activity and to report any discrepancies to their banks.
It added that the POS systems at the affected locations across Arizona, Texas, and other states are no longer a risk to customers.
The incident comes after hundreds of Tim Hortons restaurants in Canada were forced to close last month, after malware rendered POS systems unusable.
The cyber-attack again targeted POS systems, which were forced offline, leaving some stores with no option but to close.
According to reports, the malware infected terminals in mid-February and spread to hundreds of locations across North America.