OKLAHOMA CITY, Okla.—Fast-food chain Sonic Drive-In, with nearly 3,600 locations across the U.S., has acknowledged a breach affecting an unknown number of store payment systems, KrebsOnSecurity reported.
Krebs stated that the “ongoing breach” may have led to a “fire sale” on millions of stolen credit and debit card accounts that are now being peddled in underground cybercrime stores.
“Our credit card processor informed us last week of unusual activity regarding credit cards used at Sonic,” reads a statement the company issued to KrebsOnSecurity. “The security of our guests’ information is very important to Sonic. We are working to understand the nature and scope of this issue, as we know how important this is to our guests. We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able.”
Krebs stated that Christi Woodworth, vice president of public relations at Sonic, said the investigation is still in its early stages, and the company does not yet know how many or which of its stores may be impacted.
The accounts apparently stolen from Sonic are part of a batch of cards that credit card theft bazaar Joker’s Stash is calling “Firetigerrr,” and they are indexed by city, state and ZIP code, Krebs explained.
“This geographic specificity allows potential buyers to purchase only cards that were stolen from Sonic customers who live near them, thus avoiding a common anti-fraud defense in which a financial institution might block out-of-state transactions from a known compromised card,” stated Krebs.