Sonic Drive-In, the fast food restaurant chain, is offering free fraud detection and identity theft protection following a security breach at some of the fast food restaurant chain's locations.
KrebsOnSecurity broke news of the breach about a week ago, but Sonic Drive-In didn't offer a detailed statement about next steps until today. The statement was briefly delayed amid an ongoing law enforcement investigation. Third-party forensics teams have also been involved, the company said.
Credit and debit card numbers may have been acquired without authorization as part of a malware attack experienced at certain Sonic Drive-In locations, the company said. The Sonic statement also included multiple apologies to customers, but was vague in terms of the breach's size and associated malware.
Free Identity Theft Protection
As a precautionary measure, customers who used their cards in 2017 at Sonic locations can receive 24 months of free fraud detection and identity theft protection through the Experian IdentityWorks website. Customers have until December 31, 2017 to register and enroll, Sonic indicated.
No doubt, Sonic Drive-In wants to get ahead of the breach story -- striving to avoid the type of miscommunications and fallout that have plague high-profile breach news involving the SEC and Equifax, among others.