Anyone who's recently eaten at a Sonic Drive-In may have had their credit or debit card number stolen and put up for sale online, Krebs on Security reports. It's currently unclear how many restaurants or customers were affected, but Sonic serves approximately 3 million customers per day at nearly 3,600 locations in 45 states, according to Bloomberg. The AP reports Sonic was informed of "unusual activity" on cards used at some of its restaurants by its credit card processor last week. “We are working to understand the nature and scope of this issue, as we know how important this is to our guests,” the fast-food chain said in a statement Wednesday.
Krebs on Security reports it found a batch of stolen credit and debit card numbers that had recently been used at Sonic for sale online. The credit and debit card numbers of millions of Sonic customers are potentially there as well. News of the breach was followed by a 4.4% drop in the price of Sonic shares Wednesday. It was the worst stock decline for the company in two months. In the last major fast-food breach, credit and debit card numbers were stolen from customers at more than 1,000 Wendy's locations last year. (Troubles for Equifax were compounded by a fake website.)