US-based restaurant chain PDQ has reported a cyber-attack on its computer systems, which compromised personal information of some of its customers who paid with credit cards.

The data breach occurred between 19 May 2017 and 20 April 2018, and affected all PDQ locations that were operational during this time period.

The data that was compromised include customer names, credit card numbers, expiration dates and cardholder verification value.

The company believes that the attacker entered using an outside technology vendor’s remote connection tool.

“Based on the nature of the breach, it was not possible to determine the identity or exact number of credit card numbers or names that were accessed or acquired during the breach time period. If you used a credit card for your purchase at a PDQ restaurant during the breach period, then your credit card number, expiration date, cardholder verification value and or name may have been accessed or acquired by a hacker,” PDQ said in a statement.

While PDQ has already launched an investigation and performed a forensic review, it failed to determine the exact volume of card numbers or names affected during the attack.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The company already reported the issue to law enforcement and said that it is taking measures to prevent the recurrence of such incidents.