Colorado-based pasta chain Noodles & Company has announced a "data security incident" that may have led to customers' credit card information being compromised. Through "ongoing third-party investigations," the chain has confirmed malware targeted locations in 27 states and Washington, D.C.
"Credit and debit cards used at the affected locations are no longer at risk from the malware involved in this incident," the chain said in a press release. "Guests can safely use their credit and debit cards at Noodles & Company locations. Noodles & Company is working with the United States Secret Service to investigate this incident."
Customers who dined at the affected restaurants between January 31 and June 2 should check their bank statements. Potentially compromised information includes cardholder name, card number, expiration date, and CVV. The chain says credit card transactions on its website were not part of the breach.
Noodles & Company joins an ever-growing list of restaurant chains targeted by data hackers. Square burger and Frosty purveyor Wendy's is facing a class-action lawsuit over its recent breach, which has been determined to be much worse than originally thought.