Arby’s Restaurant Group said this week it believes its data was breached when an intruder used malware to access information from payment cards used at company-owned restaurants between Oct. 20, 2016 and Jan. 12, 2017, according to a news release.
A list of restaurants affected and specific times data can be found here. In some instances, the malware appears to have identified data from the card's magnetic stripe, including the cardholder name and number, the news release said. However, in other instances the card data identified by the malware did not appear to include the cardholder name, which the release said indicated some of the data may not have been identified.
Arby's said it is working with the card companies that typically do not hold customers responsible for fraudulent charges that are quickly reported. The chain said guests can either visit the aforementioned website for further information or call 1-844-616-6628 weekdays between 9 a.m. and 9 p.m. EST.