InfoSecurity Magazine -
Data Breach Lawsuit Against Sonic Will Proceed
Litigation filed against American fast-food chain Sonic over a 2017 data breach has been allowed to proceed.
Financial institutions brought a lawsuit against Sonic Corp after it emerged that financial data belonging to customers of the restaurant had been stolen in a cyber-attack. The attacker(s) installed malware on a point-of-sale system used at hundreds of Sonic franchises.
In a data breach notice issued at the time of the attack, Sonic stated: “Sonic Drive-In has discovered that credit and debit card numbers may have been acquired without authorization as part of a malware attack experienced at certain Sonic Drive-In locations.”
Sonic is based in Oklahoma City and has nearly 3,600 locations across 45 US states. An investigation into the attack found that customers’ payment card data had been exposed at more than 700 Sonic franchised drive-in locations.
Under Sonic’s franchise agreement, the franchisees were required to give Sonic
The article Data Breach Lawsuit Against Sonic Will Proceed was originally published at InfoSecurity.