Malware Found on Checkers & Rally’s POS System


Last May 29, 2019, Checkers & Rally’s notified its customers of a privacy data breach. The company issued a statement revealing that its POS systems encountered malware.

According to a report by ZD Net, the company found POS malware in 102 Checkers and Rally’s establishments.


Compromised State

ZD Net reports that the planted malware seeks to gather financial details of customers. The software also aims to uncover and extract personal and financial information. Card details that compromise customer information includes the card number, verification code, cardholder name, and expiration date.

Malware Found on Checkers & Rally’s POS System

The company states that some systems encountered POS malware in September 2016. Meanwhile, succeeding POS terminals infected with malware came in 2017, 2018, and 2019.


The list of affected states includes Alabama, California, Delaware, Florida, Georgia, Illinois, Indiana, Kentucky, Louisiana, Michigan, and West Virginia. The list also includes the states of Nevada, New Jersey, New York, North Carolina, Ohio, Pennsylvania, Tennessee, and Virginia.

Security Week reports that the 102 locations across 20 states account around 15 per cent of the company’s list of establishments.

Public Statement

Checkers and Rally’s announcement states that hackers infiltrated the POS systems. Following this, hackers breached and planted malware on its system.

The company is working with authorities to address the incident, including third-party security experts. The company is also working with federal law enforcement agencies and banking institutions as of writing to protect cardholder information.

The released statement emphasizes that “not all Checkers and Rally’s restaurants were affected by this issue.” The business also announced that the POS malware did not affect all the guests who visited the restaurant chain. To clarify, only those who paid during the said periods remain susceptible to security attacks.

Company’s Plan of Action

The company contacted the services of a third-party service provider to help manage the breach. However, the restaurant also urges its customers to act by themselves to prevent dubious activity.

In the announcement, Checkers & Rally’s recommends that customers be wary of unauthorized transactions. Paying customers should also review the statements of their accounts immediately.

Should clients encounter suspicious charges on their accounts, individuals must contact their card issuer right away. Clients who paid via credit card should obtain credit reports and put a security freeze on their file.

Security Week reports that Checkers & Rally’s is not the first restaurant to suffer from a data breach. Other dining establishments affected in the past include Applebee’s, Chili’s, and Huddle House.