Dickey's Barbecue Pit, a restaurant franchise with 156 locations across 30 states, was hit by a malware-based, point-of-sale data breach. The details of the breach surfaced after Gemini Advisory, a cybersecurity firm, found the stolen cards on a Joker’s Stash, a hacker’s forum for stolen payment data. The data was traced back to the compromised point of purchase (CPP) — Dickey’s Barbecue Pit.
It's believed payment systems were compromised by card-stealing malware, with the highest exposure believed to be in California and Arizona. It’s believed the transactions were made with magstripe cards, and the breach could have occurred on a single central processor, according to Gemini. Reports indicate that since about mid-2019, credit card data from roughly 3 million payment cards were stolen. It's believed the +3 million credit cards stem from 35 states, spanning a time frame of over a year.