Unauthorized activity in system used to process payments


In November 2019, the company disclosed that it had suffered a cyber attack where an attacker breached the payment processing system at some of the chain’s corporate locations compromising payment card information (exposing payment card numbers, names and expiration dates).

A company spokesperson said that customer payment card data was impacted only at point-of-sale or drive thru locations and not online. The company did not confirm when the breach occurred or when the individual locations were exposed other than that it was some time in 2019.


Courtenay Brammar

Experienced global enterprise risk and governance professional. Previously Vice President at Morgan Stanley, Deloitte Risk Advisory practitioner and PRMIA steering committee member in both London and New York.

Additional services

We offer a range of cost-effective, fixed-price training programmes and consultant services derived from the unique insights gained from all our case study data.

If you'd rather we did the heavy lifting in developing a cyber incident response plan or lessons learnt training for your organisation underpined by our unique insight into the challenges faced and strategies implemented by organisations countering today's cyber security threats then please contact us here.


  • Cajun Operating Company
  • Church's Chicken

We've done the analysis so you can make the decisions

When purchasing a minimum of 5 Case Studies
$699.99 if buying less than 5.

  • Detailed cause & effect analysis
  • Lessons learnt catalogued
  • Preventive controls extracted
Add to Cart
Heads up! Want to try before you buy? You can download our FREE demo case study here