Burger chain Wendy's Co said some customers' payment card data, including card numbers and other crucial information, was stolen in the malware attack that affected about 1,025 of its franchised restaurants in the United States.
Wendy's has 5,144 franchised restaurants in the country, spokesman Bob Bertini said. Hackers stole "cardholder name, credit or debit card number, expiration date, cardholder verification value, and service code," among other data, the company said earlier on Thursday.
None of the 582 company-owned restaurants seem to have been affected in the breach, Wendy's said. Wendy's first reported the malware attack in February, a couple of weeks after announcing a probe into unusual payment card activity at some of its outlets. In June, the company said a variant of the malware had been found. The company's shares were down more than 2 percent at $9.42 in afternoon trading.
"We sincerely apologize to anyone who has been inconvenienced as a result of these highly sophisticated, criminal cyberattacks involving some Wendy's restaurants," CEO Todd Penegor said in a statement.