Church’s Chicken probes into possible data breach

22nd November 2019 (Last Updated November 22nd, 2019 15:13)

US-based fast food restaurant chain Church's Chicken is investigating into a possible data breach at some of its restaurants.

US-based fast food restaurant chain Church’s Chicken is investigating into a possible data breach at some of its restaurants.

The restaurant company said that is probing into a potential incident “involving credit and debit card data at some of its company-owned restaurants in the US.”

According to the company, the payment processing systems that services certain company-operated restaurants may have been accessed by an unauthorised third party.

This possible incident is believed to have impacted only Church’s company restaurants in the US.

Church’s operates company-owned restaurants in Alabama, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, South Carolina, Tennessee and Texas.

In a statement, Church’s Chicken said: “Our company has retained a leading cybersecurity firm to help us determine exactly what happened and what more we can do moving forward to keep our customers’ data secure. We are also cooperating with Federal law enforcement and have notified the payment card networks and credit reporting agencies, to mitigate any potential for harm to our customers.”

Set up in San Antonio, Texas in 1952, Church’s Chicken specialises in Original and Spicy Chicken that are freshly prepared in small batches.

It serves Tender Strips, Honey-Butter Biscuits made from scratch and freshly baked, and classic, home-style sides.

Church’s, along with its sister brand Texas Chicken outside the Americas, has over 1,500 locations in 25 countries and overseas territories and system-wide sales of over $1bn.

In February this year, US-based fast-food restaurant chain Taco Bueno Restaurants reported a data breach compromising the payment cards information of customers at certain locations.

The company launched an investigation to identify the breach after it received a report of the incident from a third party source. It also appointed cybersecurity experts to assist in identifying the issue.