Sonic Drive-In Investigating Data Breach That May Have Impacted Millions Of Credit, Debit Cards

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

OKLAHOMA CITY (KFSM) — Fast food chain Sonic Drive-In is investigating a possible data breach that may have impacted millions of credit and debit cards, our sister station KFOR reports.

Officials with Sonic said they had been notified of “unusual activity” regarding credit and debit cards use at the drive-in fast food chain.

“The ongoing breach may have led to a fire sale on millions of stolen credit and debit card accounts that are now being peddled in shadowy underground cybercrime stores,” according to KrebsOnSecurity, which first reported the possible breach.

The fast food chain confirmed to KrebsOnSecurity that the company is investigating “a potential incident” at some locations.

“Our credit card processor informed us last week of unusual activity regarding credit cards used at SONIC,” reads a statement the company issued to KrebsOnSecurity. “The security of our guests’ information is very important to SONIC. We are working to understand the nature and scope of this issue, as we know how important this is to our guests. We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able.”

The company said at this time they do not know how many or which of its stores may have been impacted.