More than 160 Applebee's Hit with Security Breach

RMH Franchise holdings announced on its website that is has been hit by a security breach at its more than 160 Applebee’s restaurants.

“RMH Franchise Holdings recently learned about a data incident affecting certain payment cards used at RMH-owned Applebee’s restaurants that we operate as a franchisee,” the company said. This includes 167 restaurants in Alabama, Arizona, Florida, Illinois, Indiana, Kansas, Kentucky, Missouri, Mississippi, Nebraska, Ohio, Pennsylvania, Texas, and Wyoming—nearly all of the units run by RMH. Since the company operates its point-of-sale systems isolated from the broader Applebee’s network, the notice only applies to RMH-run stores.

RMH said it “promptly launched an investigation and obtained the help of leading cyber security forensics firms,” upon learning of the potential incident. Experts found that unauthorized software placed on the POS system at certain RMH-run Applebee’s was designed “to capture payment card information and may have affected a limited number of purchases made at those locations.”

Here’s how it breaks down:

Alabama: 2
Arizona: 23
Texas: 15
Wyoming: 5
Indiana: 21
Ohio: 44
Oklahoma: 6
Pennsylvania: 1
Kansas: 3
Kentucky: 14
Florida: 4
Illinois: 15
Missouri: 2
Mississippi: 1
Nebraska: 16

This involved gleaning guests’ names, credit or debit card numbers, expiration dates, and card verifications codes processed during limited time periods, RMH said. The dates vary by location.

The breach was discovered on February 13 and, in most of the cases, the malware was active on POS systems between December 6 and January 2018. In some it had been present since November 23 or December 5. RMH added that online payments and tabletop devices were not affected. A full list of restaurants and dates can be found here.

“Moving forward, RMH is continuing to closely monitor its systems and review its security measures to help prevent something like this from happening again,” the company said. “RMH is pleased to report that the incident has been contained and guests may use their cards with confidence at the RMH Applebee’s locations that were affected by this incident

Security breaches have plagued the restaurant industry in recent months, mostly on the quick-service side, although Shoney’s admitted an incident in April.

In the limited-service arena, Jason’s Deli, Arby’s, Sonic Drive-In, Chipotle, Pizza Hut, and Wendy’s grappled with breaches.

“Point-of-sale security has become an enormous challenge for the hospitality industry as attackers increasingly target POS vulnerabilities to access sensitive data,” Fred Kneip, CEO of CyberGRX, said in a statement. “The Applebee’s breach is the latest in a long line of similar attacks to quick service restaurants, including Sonic, Chipotle, and Wendy’s. Chain restaurants not only need a real-time feed of threats emanating from vendors to mitigate malicious access to their networks, they need to measure and monitor how other third parties like franchisees and divisions are managing this type of risk.”

California Pizza Kitchen’s $50,000 ‘Thank You Card’ Sweepstakes Ends April 22

California Pizza Kitchen (CPK) Thank You Card promotion – where every card is a winner – is still going on through THIS Sunday, April 22! Most importantly, $50,000 in cash is still up for grabs, which means everyone with an unopened Thank You Card needs to head out to their local CPK over the next five days to find the big grand […]

Kyuramen Opens in Sandy Springs, Georgia

Kyuramen, the renowned Japanese ramen chain, introduced its location at 6623 Roswell Rd NE, Sandy Springs, GA 30328 that brings authentic and innovative ramen experiences at an affordable price to Sandy Springs residents. Participating in Kyuramen’s nationwide “New Bowl Lottery Game,” the Sandy Spring location allows diners to have a chance to win a free […]

Denny’s to Offer Discounted Sweet Cream Cold Brew on 4/20

This 4/20, come to Denny’s for a brew-tiful celebration. In honor of National Cold Brew Day on April 20, Denny’s is pleased to provide Denny’s rewards members 20 percent off one Sweet Cream Cold Brew. Customers must become value members before April 20 to be eligible for this special all-day offer. No matter what holiday you’re celebrating, […]

Fleming’s Prime Steakhouse & Wine Bar Hosting Mother’s Day Weekend Lunch

Fleming’s Prime Steakhouse & Wine Bar is celebrating Moms with amazing 3-Course Menus for Mother’s Day weekend. Fleming’s will be offering a new 3-course Lunch Menu that will be available starting at 11 am on Saturday, May 11, 2024 and 10 am on Sunday, May 12th, 2024, as well as a classic Surf & Turf […]

Ponderosa and Bonanza Steakhouses Roll Out All You Can Eat Wings

Ponderosa and Bonanza Steakhouses, known for their family-friendly atmosphere and classic cuisine, has rolled out another delicious limited-time special, All You Can Eat Wings. The flavor fest you won’t want to miss features unlimited servings of a variety of fried to perfection chicken wings, including two brand-new sauces. Hurry in soon – the finger-lickin’ deal […]

You might also like...

Get daily updates on quick-serve industry news, tips, and events.