MINNEAPOLIS (WCCO) — Popular sandwich chain Jimmy John’s seems to be the latest victim of a national data breach involving customers’ credit and debit cards.
According a press release posted on its website, Jimmy John’s learned of the security incident on July 30 and “immediately hired third party forensic experts to assist with its investigation.”
Customers’ credit and debit card data was apparently compromised after someone stole log-in credentials from a vendor and then used those credentials to access the company’s point-of-sale systems at some corporate and franchised locations.
The incident happened between June 16 and Sept. 5.
Jimmy John’s officials say the security breach has been contained and it is once again safe for customers to use their credit and debit cards at Jimmy John’s stores.
A dozen Jimmy John’s locations in Minnesota were affected, including two Minneapolis stores and one in St. Paul. For a complete list, click here.
Nationwide, the chain states 216 stores were affected.
The press release states the credit and debit cards impacted by the data breach were those swiped at the store and not any entered manually or used online.
The information that might’ve been leaked during the security incident include the customer’s card number, and in some cases, their name, verification code and the card’s expiration date.
Any information entered online, like an e-mail address, password or home address, remains secure, according to the company.
Jimmy John’s says they have taken steps to prevent a future data breach by installing “encrypted swipe machines, implementing system enhancements and reviewing its policies and procedures for its third-party vendors.”
More information about the company’s ongoing investigation will be posted on its website.