Jimmy John’s Hack Only Recently Was Stopped

The sandwich chain learned of a payment system breach back on July 30, around the time that KrebsOnSecurity first reported an investigation into the matter.

Although the firm immediately hired a private forensics team to probe the situation, the compromise persisted through Sept. 5 – more than a month after Jimmy John’s was informed of the assault.

216 stores were affected.

The hackers are believed to have broken in using stolen Internet login credentials for the vendor Jimmy John’s uses to handle its point-of-sale transactions. With that remote access, the thieves were able to pull customers’ card information from the registers in question — both corporate and franchised.

The stolen information could have included a customer’s card number, name, verification code, and/or the card’s expiration date.

“It looks like most of the locations were locked down within a few days of the breach being detected. Some lingered until mid-August, and only one — a Jimmy John’s in Cedar Rapids, IA — made it all the way into September before the problem was fixed,” the Consumerist reports.