Jimmy John's Still Has Freaky Fast Delivery, But It Also Has a Data Breach

Share
September 25, 2014, 7:02 AM

Jimmy John's promotes itself as having "freaky fast delivery" but it would rather not be known as the sandwich chain that had credit and debit card numbers stolen from about 216 shops nationwide, including 18 in Michigan.

WDIV lists the state stores:

  • Madison Heights , MI 1535 E. 12 Mile Rd. --- 6/16/2014 - 8/7/2014
  • Sterling Heights , MI 40846 Van Dyke --- 6/16/2014 - 8/7/2014
  • East Lansing , MI 4790 S. Hagadorn Rd. #140 --- 6/16/2014 - 8/2/2014
  • East Lansing , MI 143 N. Harrison Ste. 100 --- 6/16/2014 - 7/30/2014
  • Ypsilanti , MI 537 W Cross Street --- 6/16/2014 - 7/30/2014
  • Warren , MI 7568 E. 9 Mile Rd. --- 6/16/2014 - 8/13/2014
  • Novi , MI 31204 Beck Rd. --- 6/26/2014 - 8/1/2014
  • Canton , MI 6535 N. Canton Center Rd. --- 6/27/2014 - 8/13/2014
  • Niles , MI 1260 S. 11th St. --- 7/1/2014 - 8/2/2014
  • Livonia , MI 33177 W. 8 Mile Rd. --- 7/1/2014 - 7/30/2014
  • Sterling Heights , MI 36324 Van Dyke --- 7/1/2014 - 8/1/2014
  • Bloomfield Hills , MI 4087 W. Maple Rd. --- 7/1/2014 - 8/3/2014
  • Marquette , MI 3220 U.S. Hwy 41 W --- 7/1/2014 - 8/8/2014
  • Novi , MI 39755 Grand River Ave. --- 7/23/2014 - 8/1/2014
  • Royal Oak , MI 413 S. Main St. --- 7/23/2014 - 8/1/2014
  • Livonia , MI 37671 Six Mile Rd. B218 --- 7/23/2014 - 8/2/2014
  • Bay City , MI 719 Washington Ave. --- 7/23/2014 - 8/1/2014
  • Clarkston , MI 5601 Sashabaw Rd. --- 7/23/2014 - 8/1/2014

The chain issued a press release on its website. An excerpt:

On July 30, 2014, Jimmy John’s learned of a possible security incident involving credit and debit card data at some of Jimmy John’s stores and franchised locations. Jimmy John’s immediately hired third party forensic experts to assist with its investigation. While the investigation is ongoing, it appears that customers’ credit and debit card data was compromised after an intruder stole log-in credentials from Jimmy John’s point-of-sale vendor and used these stolen credentials to remotely access the point-of-sale systems at some corporate and franchised locations between June 16, 2014 and September 5, 2014. The security compromise has been contained, and customers can use their credit and debit cards securely at Jimmy John’s stores.

Approximately 216 stores appear to have been affected by this event. Cards impacted by this event appear to be those swiped at the stores, and did not include those cards entered manually or online. The credit and debit card information at issue may include the card number and in some cases the cardholder’s name, verification code, and/or the card’s expiration date. Information entered online, such as customer address, e-mail, and password, remains secure. The locations and dates of exposure for each affected Jimmy John’s location are listed on AFFECTED STORES & DATES.

Jimmy John’s has taken steps to prevent this type of event from occurring in the future, including installing encrypted swipe machines, implementing system enhancements, and reviewing its policies and procedures for its third party vendors. 


Read more:  WDIV

Leave a Comment:

Contributors 


Photo Of The Day 

Follow Us on Instagram