Jimmy John’s sandwich chain said it believes customers’ credit card information was stolen from 216 of its shops — including three in the Kansas City area — between June and September.
The chain, based in Champaign, Ill., said stores in 37 states across the U.S. were affected. It did not say how many customers were affected.
Jimmy John’s believes someone stole login credentials and remotely installed malware on machines used to swipe credit cards. Some customers’ credit card numbers, expiration dates, verification codes and names were stolen between June 16 and Sept. 15, the company said. The privately held company said it discovered the problem July 30.
The area stores, according to a list on the company’s website, are at 20120 E. Jackson Drive, Independence; 8427 Wornall Road, Kansas City; and 1720 W. 23rd St., Lawrence.
Jimmy John’s said it believes its security has been restored by installing encrypted swipe machines and taking other steps.
| The Associated Press and The Star