We have been notified by our card processor of a recent data breach with the potential for a large number of compromised accounts. The breach, which is still under investigation, is believed to have spanned from October 25, 2016 to January 19, 2017.
Upon further investigation and a news release by USA Today – Malware on cash registers at Arby’s fast food restaurants across the country may have resulted in the breach of more than 355,000 credit and debit cards. It appears that Arby’s restaurants owned by the Atlanta, GA based company were affected, not franchise locations.
The malware installed allowed attackers to remotely steal data from each credit card as it is swiped at the cash register. This is the same type of point-of-sale attack behind the massive breaches at Target and Home Depot which credit unions are still recovering from.
Arby’s Restaurant Group, Inc. said in a statement that it had recently launched an investigation of its payment card systems after learning of a possible data breach. The company immediately notified law enforcement and hired computer security companies to investigate.
LFCU has approximately 150 compromised cards from this breach. We will be watching those accounts for fraud and notifying members if we need to block their cards and reissue new ones. If you have not used your debit or credit card at an Arby’s restaurant between the dates shown above, your card will not have been compromised. If you have concerns or would like to know if your card is on the list, please contact the office.