Data Breach at Cheddar’s Scratch Kitchen Impacts 567K

Darden reveals unauthorized access to guest data through a legacy POS system.

A legacy point-of-sale system at Cheddar’s Scratch Kitchen restaurants in 23 states may have been compromised in a cyberattack, revealing 567,000 payment card numbers, Dardens Restaurants announced yesterday.

Last week Darden Restaurants, which acquired Cheddar’s in 2017, was notified by federal authorities that a legacy POS may have been compromised in a cyberattack.

“We believe that payment card information, including card numbers, from guests who visited the affected Cheddar’s restaurants between Nov. 3, 2017 and Jan. 2, 2018, may have been exposed. We estimate the exposure to be 567,000 payment card numbers; however, we continue to assess the scope of the incident,” the company stated.

Upon being notified, Darden activated its response plan and engaged a third-party forensic cybersecurity firm to investigate. Darden’s current systems and networks were not impacted by this incident, the company said. “In fact, this incident occurred on a legacy Cheddar’s system that was permanently disabled and replaced by April 10, 2018, as part of our integration process.”

The company has arranged to have ID Experts provide identity protection services at no cost to affected individuals.  

X
This ad will auto-close in 10 seconds