After weeks and months of high-profile data breaches, another one has emerged: this time, at Jimmy John's.
The sandwich franchise announced on Wednesday that customers' credit and debit card data was compromised after an intruder store stole log-in credentials from the chain's payments-system vendor. The hacker then used the stolen credentials to access point-of-sale systems at approximately 216 stores.
Both corporate and franchised locations were affected by the data breach, which lasted from June 16 to September 5. Jimmy John's has assembled a list of which stores were affected, during what periods of time.
The chain reports that the breach has now been contained, and that it is currently safe to use credit and debit cards in Jimmy John's stores.
Jimmy John's says that it has already taken steps to prevent future security breaches, including installing encrypted swipe machines, updating systems and reviewing its policies and procedures for third party vendors. The company is additionally offering affected customers identity protection services.
Jimmy John's joins an extensive list of chains hacked in 2014. Earlier in September, Home Depot reported 56 million credit and debit cards were put at risk in a cyberattack on its payment terminals. Other chains hit by hackers this year include Neiman Marcus, P.F. Chang's and Michaels. Jimmy John's has not indicated that its data breach is connected to incidents at other companies.