More than 100 Dickey’s Barbeque Restaurants across the U.S. were involved in a data breach that spanned more than a year.
KrebsOnSecurity reported that one of the dark web’s most popular stores for selling stolen credit card information was offering card numbers belonging to customers of Dickey’s Barbeque Restaurants.
Around three million new credit card records were being offered this week on a dark web carding site called “Jokers Stash.” Security researchers at Gemini Advisory initially discovered the stolen credit card numbers for sale on the dark web marketplace.
Gemini said its analysis found that 156 of the eatery’s 469 locations across 30 states were compromised. The largest percentage of stolen numbers were from California and Arizona. The data was accessed between July 2019 and August 2020, the researchers said.
“Given the widespread nature of the breach, the exposure may be linked to a breach of the single central processor, which was leveraged by over a quarter of all Dickey’s locations,” researchers said in a blog post.
Report suspicious charges
In a statement, the barbeque franchise said it’s aware of the safety incident and that it’s currently investigating its scope.
“We obtained a report indicating [that a] cost card safety incident might have occurred. We’re taking this incident very significantly and instantly initiated our response protocol and an investigation is underway. We’re presently centered on figuring out the places affected and time frames concerned,” Dickey’s said.
Consumers who have visited Dickey’s Barbeque in the past year are urged to monitor their bank accounts and credit card transactions and report any fraudulent or suspicious charges to their financial institution as soon as possible.