If you're still fuming from the recent Equifax breach, you won't be thrilled to learn that Sonic Drive-In admitted that millions of credit and debit card accounts are at risk after a successful security breach targeting the company's cash registers occurred. Here's what happened and how you can tell whether you've been affected.
Here's What Happened
Brian Krebs, an investigative journalist who runs the website Krebs on Security, says the first signs that something fishy had occurred came after sources at financial institutions in Oklahoma told him that they were noticing a string of fraudulent transactions occurring after people ate at a local Sonic Drive-In.
According to Krebs, about 5 million credit card numbers went up for sale recently on a shadowy website. A large portion of the cards had recently been used at a Sonic, Krebs wrote. When he called Sonic, he was told that they were aware of a "potential incident" and later released a statement regarding the hacking, saying: "We are working to understand the nature and scope of this issue, as we know how important this is to our guests. We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able."
Sonic's vice president of public relations Christi Woodworth said the investigation is still in its early stages and they have no way of knowing just how many people have been affected. Yikes!
So what can I do to protect myself?
If you've recently eaten at Sonic, you should check your card activity as soon as possible. If you notice any unusual purchases, don't hesitate to call the number on your card and speak to someone.
USA Today writes that these point-of-sale breaches occur when hackers plant malware that copies a person's credit card information when he or she swipes their card. This information is then sold to shady people on underground forums like the one Krebs wrote about on his website.