On May 29, 2019, Tampa, Florida-based Checkers Drive-In Restaurants, Inc. (“Checkers” or the “Company”) issued a “Notice of Data Breach,” which, among other things, stated that the Company “. . . recently became aware of a data security issue involving malware at certain Checkers and Rally’s locations. After discovering the issue, [Checkers] quickly engaged leading data security experts to conduct an extensive investigation and coordinated with affected restaurants and federal law enforcement authorities to address the matter. [The Company has] worked closely with the third-party security experts to contain and remove the malware.”

Checkers also advised that it “. . . determined that malware was installed on certain point-of-sale systems at some Checkers and Rally’s locations, which appears to have enabled an unauthorized party to obtain the payment card data of some guests.” The data breach notice provides a “list of the impacted locations and their respective estimated dates of exposure.”  According to Checkers, “[a]pproximately 15% of Checkers and Rally’s restaurants were affected by this issue.”

Checkers advised that “[t]he malware was designed to collect information stored on the magnetic stripe of payment cards, including cardholder name, payment card number, card verification code and expiration date,” and “[n]ot all Checkers and Rally’s restaurants and not all guests who visited the impacted restaurants during the relevant time periods were affected by this issue.”

The Tampa Bay Times reported that Checkers and Rally’s in 20 states “at just over 100 Checkers and Rally’s locations” experienced a data breach.  According to the Tampa Bay Times, “Checkers did not disclose over what period of time the breach took place.”

Please click here for a “List of Affected Restaurants and Estimated Windows of Exposure,” and please click here for data breach-related FAQs published by the Company.

Kehoe Law Firm, P.C.