CHAMPAIGN, Ill. — Jimmy John’s sandwich chain said Wednesday that it believes customers’ credit card data was stolen from 216 of its shops between June and September.
The Champaign, Illinois-based chain said in a news release that stores in 37 states across the United States were affected. It did not say how many customers are affected.
Jimmy John’s believes someone stole log-in credentials and remotely installed malware on machines used to swipe credit cards. Some customers’ credit card numbers, expiration dates, verification codes and names were stolen between June 16 and Sept. 15, the company said.
The privately held company said it discovered the problem on July 30.
Jimmy John’s said it believes its security has been restored by installing encrypted swipe machines and taking other steps.
Jimmy John’s has more than 2,000 locations.