Data Breach at 216 Jimmy John’s Locations
Jimmy John’s is the latest company to suffer a major data breach. The sandwich shop chain confirmed today that criminals hacked into their point of sale systems at 216 stores and accessed customer debit and credit card information.
The breach took place between June 16 and September 5. Hackers obtained the account numbers on these cards, and may have access to the cardholder name, verification number and/or expiration date.
The company, based in Champaign, Illinois, said the hackers were able to obtain the login credentials from the chain’s payment technology vendor and access its point of sale system.
The breach did not affect any cards used in any online order or a transaction where the card number was entered manually.
The company is offering free identity protection to customers affected by the breach.
A complete list of affected stores and the dates of the breach can be found here.
The Department of Homeland Security issued an advisory in August stating more than 1,000 businesses were impacted by the “Backoff” malware used in the Target breach. Jimmy John’s becomes the latest in a long line of retailers hacked within the last year, including Target, Neiman Marcus, Michaels, P.F. Chang’s, Dairy Queen, UPS Stores, Sally Beauty, Home Depot and Supervalu and Albertsons grocery stores.