Data Breach At Cheddar's Scratch Kitchen Affects 23 States

Customers who dined at Cheddar's restaurants between late 2017 and early into 2018 may have had their payment card information exposed, Darden Restaurants, the parent company of Cheddar's, said in a press release. Darden said the breach affects customers in 23 states who dined at the restaurant between Nov. 3, 2017 and Jan. 2, 2018.

Federal authorities notified Darden on Aug. 16 that a point-of-sale system at certain Cheddar's Scratch Kitchen may have been compromised in a cyberattack.

Guests who visited the restaurants on the affected dates may have had their payment card information, including card numbers, exposed. Darden estimates that about 567,000 customers may have been affected, adding that it is continuing to assess the scope of the breach.

Darden, which acquired Cheddar's in 2017, said the legacy point-of-sale system at Cheddar's was permanently disabled and replaced by April 10. The company, whose brands include Olive Garden and LongHorn Steakhouse, said its current systems and networks were not impacted.

The states affected by the breach are: Alabama, Arizona, Arkansas, Delaware, Florida, Illinois, Indiana, Iowa, Kansas, Louisiana, Maryland, Michigan, Missouri, Nebraska, New Mexico, North Carolina, Ohio, Oklahoma, Pennsylvania, South Carolina, Texas, Virginia and Wisconsin.

Darden said guests who dined at the restaurants in those states between Nov. 3, 2017 and Jan. 2, 2018 should call 888-258-7280 for more information. The company has also established a website for affected customers.

Photo via Shutterstock