Fast-casual restaurants are supposed to be exactly that — quick enough on the back end to get food out to customers and convenient enough so that ordering, eating and paying are all low-stakes affairs. At least they used to be at Noodles & Co.
The Colorado-based noodle and pasta chain announced Tuesday (June 28) that it was officially delivering notice to customers of a potential breach of diners’ payment information. Though no location was specified, Noodles & Co said that consumers who made a payment at any store between January 31, 2016 and June 2, 2016 may be affected.
The chain reported that it discovered suspicious activity on its computer systems on June 2.
“Since that time, Noodles & Company has been working with third-party forensic investigators to determine how the security compromise occurred and what information was affected,” the retailer explained in a statement. “The company is also working to implement additional procedures to further secure guests’ debit and credit card information, including removing the malware at issue to contain this incident and to prevent any further unauthorized access to guests’ debit or credit card information.”
But the latest headlines are not the first of the year. Noodles & Co. had been alerted to suspicious activity between January of this year and mid-May after several financial institutions reportedly saw a pattern of fraudulent charges on customer cards.
“The ongoing program we have in place to aggressively test and implement chip-based systems across our network is moving forward,” the company said in May. “We are actively working with our key business partners to deploy this system as soon as they are ready.”
The latest round of news caps off a bad month for data security in the quick-service restaurant industry. In early June, Wendy’s made headlines with its own disclosure of a possible credit card breach, and a few more will leave a bad taste in consumers’ mouths that they can’t get out.