Moe’s Southwest Grill, McAlister’s Deli, and Schlotzsky’s, the three restaurant brands of multi-channel foodservice firm Focus Brands, have provided an update on a previously reported payment card incident.

In August this year, the three restaurant brands reported data breach at select locations, and commenced an investigation into the issue.

An unauthorised code was installed at certain corporate and franchised locations of the three brands to copy payment card data from cards used in person.

The code tried to track data read from the magnetic stripe of a payment card when it was being routed through a restaurant’s server.

The investigation also identified that the malware was installed at different times over the general period of time from 11 April to 22 July this year.

As per the investigation, the code accessed a part of track data featuring the card number, expiration date, and internal verification code, and sometimes cardholder name.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

In separate statements, the three brands said: “It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for any unauthorised activity.

“You should immediately report any unauthorised charges to the bank that issued your card, because payment card rules generally provide that cardholders are not responsible for unauthorised charges reported in a timely manner.

“We quickly took measures to contain the incident, remove the unauthorised code, and we are working to implement measures to further enhance payment card security. We regret that this occurred and apologise for any inconvenience.”

Additionally, Moe’s Southwest Grill, McAlister’s Deli, and Schlotzsky’s took steps to contain the incident, remove the unauthorised code, and implement enhanced security measures to prevent re-occurrence.