Jonesboro Cici’s Pizza affected by data breach

JONESBORO, Ark. – If you’re a fan of cheap pizza, you may not be happy to hear it came with the threat of added costs.

Cici’s Pizza announced last week customers at over 100 locations, including Jonesboro’s Caraway Road location, were potential victims of a data breach. While the breaches occurred as far back as 2015, they were only recently discovered and verified by a forensic analysis.

A report by Cici’s said a breach occurred at the Jonesboro Cici’s location on March 14. The report said the breach was contained in Jonesboro by July 1.

“In early March of 2016, we received notice from several of our restaurant locations that their Point of Sale (POS) systems were not working properly,” a corporate statement from the chain began. “Our POS Vendor began an investigation to assess the problem and initiated heightened security measures.  When the POS Vendor found malware on the POS software at some Cicis restaurants, we immediately began a restaurant by restaurant data security review and remediation.  We also retained a third party cyber security firm to perform a forensic analysis to determine what, if any, information might have been compromised and to verify that all threats have been eliminated.  The forensic firm reported its findings on July 19, 2016 confirming that a malicious software program had been introduced by a hacker to the POS system used by some Cicis restaurant locations.  The threat of that malware to our restaurants has been eliminated.”

Since reporting the findings, the company has been working to contain the breaches.

“While we believe most of the breaches were remedied within a few weeks of the intrusion, out of an abundance of caution we are not declaring some restaurants as threat-free until they were reviewed by our forensic analyst this month,” The statement also said.

NEA Report reached out to management at the local establishment. Company policy prohibits managers from speaking on the record, but one manager spoke on condition of anonymity. He said no reports of any type of identity fraud or illicit behavior had come in from local customers of the Jonesboro’s Cici’s.

He also said Cici’s took a “beyond-aggressive” approach to rectifying the incident. In addition, the manager confirmed the breach is now “100 percent contained,” nationwide.

To view a list of affected stores in the breach, visit this link.

To read the full Cici’s statement, click here.

Photos by Stan Morris | NEA Report

Leave a Reply