From their press release:
CCC Restaurant Enterprises, LLC, doing business as POPEYES, today announced that a recent data security incident may have compromised the security of payment information of some customers who used debit or credit cards at certain CCC Restaurant locations for certain timeframes between May 5, 2016 and August 18, 2016. We have investigated and contained the incident, and credit and debit cards used by our customers at the affected locations identified are no longer at risk from the malware involved in this incident. Customers can safely use their credit and debit cards at CCC Restaurant locations.
What Happened? On July 9, 2016, CCC Restaurant, doing business as POPEYES, began investigating some unusual activity reported to the company by its credit card processor. CCC Restaurant retained a third-party forensic expert to investigate this report and to identify any signs of compromise on its systems. CCC Restaurant discovered evidence on its computer systems that indicated a potential compromise of customers’ debit and credit card data for some debit and credit cards used at certain CCC Restaurant locations.