US-based fast-food restaurant chain Taco Bueno Restaurants has reported a data breach compromising the payment cards information of customers at certain locations.
The company launched an investigation to identify the breach after it has received a report of the incident from a third party source. It has also appointed cybersecurity experts to assist in identifying the issue.
According to the investigation, the card data of customers who made payments at these affected locations between March 2018 and November 2018 may have been accessed.
The hacker installed malware into the company’s point-of-sale (PoS) devices to gain access to access to payment card data from cards used on these devices.
However, the malware failed to access payment card from POS systems at certain restaurants where the company has deployed an end-to-end encryption (E2EE) payment processing solution.
The malware might have accessed track data such as cardholder name, card number, expiration date, and internal verification code from the remaining affected locations. The company has also noted that there is no indication that other customer information was affected.
Taco Bueno contained the breach by removing the malware during the investigation and is currently working closely with cybersecurity experts to enhance its protection against threats.
The restaurant chain has also advised customers to review their payment card statements for any unauthorised activity.
Taco Bueno currently operates 146 restaurants in Texas, Oklahoma, Arkansas, Kansas, Louisiana and Missouri.