Noodles & Company Confirms Potential Data Breach
Earlier this week, Noodles & Company informed customers that their payment card information could have been stolen in a potential breach. At-risk information includes the cardholder’s name, card number, expiration date and CVV.
The Colorado-based Noodles & Company first noticed something was amiss in May, and it announced that it was investigating a potential data breach. At that time, the fast-casual restaurant said it was working with forensic experts to solve the problem. Then, on June 2, the company found suspicious activity on its computer systems that indicated customers’ debit and credit card data could have been compromised.
“Since that time, Noodles & Company has been working with third-party forensic investigators to determine how the security compromise occurred and what information was affected,” the restaurant said in its statement. “The company is also working to implement additional procedures to further secure guests’ debit and credit card information, including removing the malware at issue to contain this incident and to prevent any further unauthorized access to guests’ debit or credit card information.”
A list of specific restaurants affected is available on the company’s website, but Noodles & Company said customers who paid with their debit or credit card at any of its 500 stores between January 31, 2016 and June 2, 2016 may have been affected.
The company explained that it delayed its announcement of the breach at the behest of U.S. law enforcement.
Noodles & Company is not the only restaurant chain in the headlines over a data breach. Wendy’s is facing several lawsuits for a security incident that stretched from October 22, 2015 through March 10, 2016.