ORLANDO—Information from about 567,000 payment cards may have been exposed in a data breach at the Cheddar's Scratch Kitchen restaurant chain between Nov. 3, 2017, and Jan. 2.
Cheddar's is owned by Darden Restaurants Inc., which said in a release that affected restaurants span 23 states, including Alabama, Arizona, Arkansas, Delaware, Florida, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Michigan, Missouri, Nebraska, New Mexico, North Carolina, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia and Wisconsin.
“Upon being notified of this incident, we activated our response plan and we engaged a third-party forensic cybersecurity firm to investigate. Our current systems and networks were not impacted by this incident. In fact, this incident occurred on a legacy Cheddar's system that was permanently disabled and replaced by April 10, 2018, as part of our integration process,” the company said.