Hawaiian Restaurant Notifies Customers about Data Breach

Anna Wolfe
Senior Editor - Restaurants
Anna Wolfe  profile picture

Zippy’s Restaurants in Hawaii has notified its customers of a data breach involving its credit and debit card processing system.

According to a statement on the restaurant’s website, Zippy’s, which operates 24 locations in Hawaii, learned of the data breach March 8 and immediately began an investigation, and engaged independent computer forensic experts to assist.

On April 4, the independent computer forensic experts informed Zippy’s that credit and debit cards used at Zippy’s Restaurant, Napoleon’s Bakery, Kahala Sushi, and Pearl City Sushi between November 23, 2017 and March 29, 2018, may have been compromised as a result of the data security incident.

Information impacted by this incident may include the cardholder’s name, the card number, expiration date, and security code.  

Orders placed on Zippys’ website, payments for senior cards submitted to Zippy’s corporate office, fundraisers and catering orders were not affected.

The restaurant said it has has taken steps to prevent this type of event from occurring in the future, including hardware updates, changing the way certain software and system processes work, and further enhancing system security and monitoring.

“Zippy’s takes the security of its customers’ information seriously. We are working closely with data security experts to implement processes and measures that will improve our system security to prevent this from happening again,” said Paul Yokota, president of FCH Enterprises, parent company of Zippy’s. “We sincerely apologize for any inconvenience this incident may cause.”