A popular restaurant chain is warning customers that their credit card information may have been compromised.

Criminals managed to get into the POS (point of service) system for Huddle House restaurants. A point of service system is the computer system used to operate cash registers and credit card swipers.

The company issued this statement to explain what happened:

“Huddle House locations were recently the target of malicious cyber activity involving some corporate franchisee-operated restaurants. Criminals compromised a third-party point of sale (POS) vendor’s data system and utilized the vendor’s assistance tools to gain remote access—and the ability to deploy malware—to some Huddle House corporate and franchisee POS systems. Huddle House was notified by a law enforcement agency and its credit card processor that some of its corporate and franchise locations may have been victims of a malicious cyber-attack. Huddle House retained a leading IT investigation and security firm in less than 24 hours from notification, to deploy specialized software to prevent further attacks. At this time, we do not know how many locations may have been infected with malware. If you used a payment card at a Huddle House location between August 1, 2017 and present, your payment card information may be at risk. This date range is based upon our preliminary investigation and we are still conducting our investigation into the scope of this attack. We wanted to alert you of these facts so you can make informed choices about your use of your credit or debit card accounts and how best to protect yourself from potential fraud associated with the unauthorized use of your credit or debit card. You may review the list of all current corporate and franchisee restaurants at this link: https://locations.huddlehouse.com”

As you can see, it looks as if this intrusion went undetected for quite a long time. The malware in question collected date from the magnetic stripe of credit and debit cards including the name of the cardholder, card number, expiration date, and CVV code.

The company also suggested that users check their credit reports and consider putting credit freezes in place.

Point of sale systems are a favorite target of hackers. That’s why for smaller purchases like dining out, I’d suggest always paying cash. As always, keep a careful eye on all of your credit and debit transactions.