DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

O’Charley’s suffers payment card network compromise, notifies customers

Posted on May 20, 2016 by Dissent

Dave Williams reports:

Diners who ate at an O’Charley’s restaurant between March 18 and April 8 may have been affected by a data breach, Georgia Attorney General Sam Olens warned Friday.

Read more on Atlanta Business Chronicle.

O’Charley’s statement, posted today on their web site, explains what happened and offers tips for guests to protect themselves. It appears that only three of their locations were not impacted, so if you ate at an O’Charley’s during the specified time period, do check your statements for any evidence of fraudulent use of your payment card data:

…. When one of our network security tools identified suspicious network traffic, we immediately began an investigation and engaged a leading third party cyber-security firm to assist. On April 8, 2016, the cyber-security investigation identified signs of unauthorized access to the payment card network of our restaurants. Findings show that an unauthorized program was installed on point-of-sale devices that looked for data from payment cards swiped in the restaurants when the data was being routed to obtain authorization for the transaction. In some instances the program identified data from the card’s magnetic stripe that included the cardholder name and card number. In other instances the program only found data from the magnetic stripe that did not include the cardholder name. No other guest information was involved.

Cards used at O’Charley’s restaurants between March 18, 2016 and April 8, 2016 may have been affected. We want to make all guests who used their card during this three-week time frame aware. O’Charley’s restaurants located at 930 Windham Court, Boardman, Ohio and 2077 Interchange Drive, Erie, Pennsylvania, and the O’Charley’s restaurant located in the Nashville International Airport were not affected.

We notified law enforcement officials and are supporting their investigation. The payment card networks have been notified so that they can work with the banks that issue payment cards to initiate heightened monitoring on cards used during the three-week time frame. In addition to measures taken to terminate this incident, we continue to work with the third-party cyber security firm to further strengthen the security of our systems to help prevent this from happening in the future.

It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for unauthorized activity. You should immediately report any unauthorized charges to your card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner. The phone number to call is usually on the back of your payment card. Please see the section that follows this notice for additional steps you may take to protect your information.

O’Charley’s regrets any inconvenience this may have caused. If you have questions, please call (855) 907-3245 from 9:00 a.m. to 6:00 p.m. ET Monday – Friday.

[…]

No related posts.

Category: Business SectorID TheftMalwareU.S.

Post navigation

← A second inadequately secured Mexican voter list exposes data on more than 2 million voters
UK: Tesco call centre worker fined over customer data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.