Krystal currently has 342 locations in the Southern United States and “is the original quick-service restaurant chain in the South.”
The payment card data breach affected some of its restaurants between July and September 2019. The company is investigating the incident to determine the specific locations and dates for each restaurant impacted by the attack. Krystal has retained a forensics firm to investigate the incident.
At the time of writing it is still unclear the number of impacted customers and the type of exposed financial data.
“The Krystal Company would like to advise guests that our company is actively investigating a security incident that involves one of the payment processing systems that services some of our restaurants.” reads the notice of breach published by Krystal.
“Although our investigation is in its early stages, we have learned that the security incident may have involved payment cards processed by a payment processing system used at certain restaurants between July through September 2019.”
Krystal leverages multiple payment processing systems, but the company pointed out that not all its restaurants have been impacted by this incident.
“To date, our investigation has determined that about a third of our restaurants that are not impacted.” continues the notice.
The fast-food chain
Customers could search for restaurant locations that have been impacted by the security incident at
Customers can also contact a 24/7 call center set up by the company at 1-800-457-9782 for more information.
The fast-food chain recommends customers to be vigilant and to review their payment card statements regularly and report any unusual or unauthorized purchases to your financial institution.
(SecurityAffairs – Krystal, payment card data breach)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.