If you've visited a Cheddar's Scratch Kitchen and paid with a credit card, your information may be one of the approximately 567,000 customers who had their credit card numbers stolen in a security breach at Cheddar's restaurant locations in 23 states.
Darden Restaurants, the company who bought the Cheddar's restaurant chain in April 2017, was notified about the breach by federal authorities on Aug. 16. Darden also owns the casual dining chains Olive Garden and Longhorn Steakhouse.
"The trust our guests place in us is something we take very seriously, and we regret that this incident occurred," Darden Restaurants said in a statement. "We deeply value our relationships with our guests, and our priority is to assist those who may have been impacted by this incident."
According to the authorities, a point of sale (POS) system was hacked and customers' credit card numbers may have been stolen between Nov. 3, 2017, and Jan. 2, 2018. The POS system was replaced in all of the Cheddar's restaurant locations by April 10 of this year and Darden noted that there is no evidence of unauthorized access in the restaurant's current network and systems.
The Cheddar's restaurant locations affected by the data breach are in Alabama, Arizona, Arkansas, Delaware, Florida, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Michigan, Missouri, Nebraska, New Mexico, North Carolina, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia, and Wisconsin.
Darden is working with a third-party cybersecurity firm to investigate the data breach. They have also hired the data-security firm ID Experts to provide identity protection services at no cost to customers who may have been affected by the attack. Customers who wish to sign up for the service should do so by Nov. 22 by calling (888) 258-7280.
Those with questions about the data breach may call the same number Monday through Friday between 8 a.m. and 8 p.m. ET or visit https://ide.myidcare.com/cheddars for more information.