DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

O’Charley’s suffers payment card network compromise, notifies customers

Posted on May 20, 2016 by Dissent

Dave Williams reports:

Diners who ate at an O’Charley’s restaurant between March 18 and April 8 may have been affected by a data breach, Georgia Attorney General Sam Olens warned Friday.

Read more on Atlanta Business Chronicle.

O’Charley’s statement, posted today on their web site, explains what happened and offers tips for guests to protect themselves. It appears that only three of their locations were not impacted, so if you ate at an O’Charley’s during the specified time period, do check your statements for any evidence of fraudulent use of your payment card data:

…. When one of our network security tools identified suspicious network traffic, we immediately began an investigation and engaged a leading third party cyber-security firm to assist. On April 8, 2016, the cyber-security investigation identified signs of unauthorized access to the payment card network of our restaurants. Findings show that an unauthorized program was installed on point-of-sale devices that looked for data from payment cards swiped in the restaurants when the data was being routed to obtain authorization for the transaction. In some instances the program identified data from the card’s magnetic stripe that included the cardholder name and card number. In other instances the program only found data from the magnetic stripe that did not include the cardholder name. No other guest information was involved.

Cards used at O’Charley’s restaurants between March 18, 2016 and April 8, 2016 may have been affected. We want to make all guests who used their card during this three-week time frame aware. O’Charley’s restaurants located at 930 Windham Court, Boardman, Ohio and 2077 Interchange Drive, Erie, Pennsylvania, and the O’Charley’s restaurant located in the Nashville International Airport were not affected.

We notified law enforcement officials and are supporting their investigation. The payment card networks have been notified so that they can work with the banks that issue payment cards to initiate heightened monitoring on cards used during the three-week time frame. In addition to measures taken to terminate this incident, we continue to work with the third-party cyber security firm to further strengthen the security of our systems to help prevent this from happening in the future.

It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for unauthorized activity. You should immediately report any unauthorized charges to your card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner. The phone number to call is usually on the back of your payment card. Please see the section that follows this notice for additional steps you may take to protect your information.

O’Charley’s regrets any inconvenience this may have caused. If you have questions, please call (855) 907-3245 from 9:00 a.m. to 6:00 p.m. ET Monday – Friday.

[…]

Category: Business SectorID TheftMalwareU.S.

Post navigation

← A second inadequately secured Mexican voter list exposes data on more than 2 million voters
UK: Tesco call centre worker fined over customer data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Credit Control Corporation data allegedly from 9.1 million consumers listed for sale on forum
  • Copilot AI Bug Could Leak Sensitive Data via Email Prompts
  • FTC Provides Guidance on Updated Safeguards Rule
  • Sentara Health terminates remote employees after realizing they couldn’t be sure who was doing the work.
  • Hackers Break Into Car Sharing App, 8.4 Million Users Affected
  • Cyberattack pushes German napkin company into insolvency
  • WMATA Train Operators Arrested in Health Care Fraud Scheme
  • Washington Post investigating cyberattack on journalists, WSJ reports
  • Resource: State Data Breach Notification Laws – June 2025
  • WestJet investigates cyberattack disrupting internal systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Vermont signs Kids Code into law, faces legal challenges
  • Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation
  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters
  • Synthetic Data and the Illusion of Privacy: Legal Risks of Using De-Identified AI Training Sets
  • States sue to block the sale of genetic data collected by DNA testing company 23andMe

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.