Jimmy John's, a purveyor of gourmet sub sandwiches, is recovering from a data breach that compromised financial data of customers who swiped credit and debit cards at 216 of the company's locations.
The data breach didn't affect cards that were entered online or manually in store, according to Jimmy John's. The company says it has responded to the breach by installing new swipe machines that encrypt customer data.
"Jimmy John's has taken steps to prevent this type of event from occurring in the future, including installing encrypted swipe machines, implementing system enhancements, and reviewing its policies and procedures for its third party vendors. We apologize for any inconvenience this incident may have on our customers," states the company in a release.
Jimmy John's says the security compromise has been resolved and consumerscan safely swipe cards at any of the store's locations. The data breach perpetrated against Jimmy John's appears similar to the intrusions from Backdoor, a family of malware that infected and took control over point of sale systems after intercepting login credentials.
"While the investigation is ongoing, it appears that customers' credit and debit card data was compromised after an intruder stole log-in credentials from Jimmy John's point-of-sale vendor and used these stolen credentials to remotely access the point-of-sale systems at some corporate and franchised locations between June 16, 2014 and September 5, 2014," the company states.
The information possibly compromised include card numbers, verification numbers, card-holder names and expiration dates. Individuals who fear financial data may have been compromised are encouraged to take advantage of Jimmy John's identity protection services here.
The investigation is ongoing, according to Jimmy John's, which said it'll continue to post updates as forensic investigators continue working to on the case.
News of the security breach comes as some consumers and investigators are still reeling from the massive hack suffered by Home Depot.
The security breach of Home Depot's point of sale systems affected 2,266 of its retail stores and prompted a multi-state investigation into the issue. Home Depot encouraged alertness from customers who had shopped at any of their stores after March of 2014.
"We apologize for the frustration and anxiety this causes our customers, and I want to thank them for their patience and support as we work through this issue," said Frank Blake, chairman and CEO of Home Depot. "We owe it to our customers to alert them that we now have enough evidence to confirm that a breach has indeed occurred. It's important to emphasize that no customers will be responsible for fraudulent charges to their accounts."
