O’Charley’s suffers payment card network compromise, notifies customers

Dave Williams reports:

Diners who ate at an O’Charley’s restaurant between March 18 and April 8 may have been affected by a data breach, Georgia Attorney General Sam Olens warned Friday.

Read more on Atlanta Business Chronicle.

O’Charley’s statement, posted today on their web site, explains what happened and offers tips for guests to protect themselves. It appears that only three of their locations were not impacted, so if you ate at an O’Charley’s during the specified time period, do check your statements for any evidence of fraudulent use of your payment card data:

…. When one of our network security tools identified suspicious network traffic, we immediately began an investigation and engaged a leading third party cyber-security firm to assist. On April 8, 2016, the cyber-security investigation identified signs of unauthorized access to the payment card network of our restaurants. Findings show that an unauthorized program was installed on point-of-sale devices that looked for data from payment cards swiped in the restaurants when the data was being routed to obtain authorization for the transaction. In some instances the program identified data from the card’s magnetic stripe that included the cardholder name and card number. In other instances the program only found data from the magnetic stripe that did not include the cardholder name. No other guest information was involved.

Cards used at O’Charley’s restaurants between March 18, 2016 and April 8, 2016 may have been affected. We want to make all guests who used their card during this three-week time frame aware. O’Charley’s restaurants located at 930 Windham Court, Boardman, Ohio and 2077 Interchange Drive, Erie, Pennsylvania, and the O’Charley’s restaurant located in the Nashville International Airport were not affected.

We notified law enforcement officials and are supporting their investigation. The payment card networks have been notified so that they can work with the banks that issue payment cards to initiate heightened monitoring on cards used during the three-week time frame. In addition to measures taken to terminate this incident, we continue to work with the third-party cyber security firm to further strengthen the security of our systems to help prevent this from happening in the future.

It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for unauthorized activity. You should immediately report any unauthorized charges to your card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner. The phone number to call is usually on the back of your payment card. Please see the section that follows this notice for additional steps you may take to protect your information.

O’Charley’s regrets any inconvenience this may have caused. If you have questions, please call (855) 907-3245 from 9:00 a.m. to 6:00 p.m. ET Monday – Friday.

[…]

About the author: Dissent

Comments are closed.