News Local/State

Jimmy John’s Hit By Data Breach

Jimmy John's location in Urbana

A Jimmy John's location in Urbana (Jeff Bossert/WILL)

Champaign-based sandwich chain Jimmy John’s says more than 200 of its locations have been hit by a possible breach of credit and debit cards.

In a statement from the company Wednesday Jimmy John’s said it learned of the possible security incident on July 30th.  Stores in 37 states were impacted.

“It appears that customers’ credit and debit card data was compromised after an intruder stole log-in credentials from Jimmy John’s point-of-sale vendor and used these stolen credentials to remotely access the point-of-sale systems at some corporate and franchise locations between June 16, 2014 and September 5, 2014.  The security compromise has been contained, and customers can use their credit and debit cards securely at Jimmy John’s stores.”

The list of 216 stores affected include one in the Champaign area, at 601B Green Street in Campustown. 

Another affected location was in Charleston, with 14 more in the Chicago area.  In Indiana, 12 stores were impacted.

Jimmy John’s says the cards impacted appear to have been swiped at stores, and did not include those entered manually or online. 

The restaurant says it’s taken steps to prevent this type of event from occurring in the future, including the installing of encrypted swipe machines, implementing system enhancements, and reviewing its policies and procedures for third party vendors.

Jimmy John's is offering identity protection services to impacted customers.  To take advantage, call (855) 398-6442.  The restaurant chain has more than 2,000 locations.

The website Krebs on Security first broke the story July 31st.