Edit
Operations

Investigation finds source of Focus’ data breach

Coding was inserted into the servers of Moe’s, McAlister’s and Schlotzsky’s to copy credit card information while on-premise transactions were being processed.
Photograph: Shutterstock

An investigation by Moe’s Southwest Grill, McAlister’s Deli and Schlotzsky’s has tracked a data breach at the sister brands this summer to coding that was slipped into their servers to strip out customer information during on-premise credit card transactions.

The code was inserted at various times between April 11 and July 29 of this year, according to a statement issued simultaneously Wednesday by the three Focus Brands holdings. Most of the affected servers were infiltrated in July, typically for a few weeks, according to the investigation update. It also noted that the malware was not found in the server of every affected restaurant.

The coding copied information from the magnetic strip of credit and charge cards as the data was being routed through a restaurant’s server, the investigation found. The targeted information included the credit card number, the expiration data and the security code. In some instances, the cardholder’s name was also copied and swiped. Not every card was scraped of its information, the chains said.

Neither the brands nor Focus have revealed how many customers may have been affected by the breach. Nor did the parties indicate how the code may have been inserted into affected restaurants’ servers.

They did indicate that both franchised and company-owned restaurants were involved.

The jointly released communication said the investigation by forensic specialists is still underway but is close to being completed.

It also noted that servers have been scrubbed and law enforcement authorities are involved.

Focus is one of the industry’s largest franchisors, with seven brands. It owns or holds the franchise rights to about 6,000 restaurants in the United States.

Trending

More from our partners