Jimmy John’s says credit card information was stolen from 216 shops, including three locally

Jimmy John’s sandwich chain said it believes customers’ credit card information was stolen from 216 of its shops — including three in the Kansas City area — between June and September.

The chain, based in Champaign, Ill., said stores in 37 states across the U.S. were affected. It did not say how many customers were affected.

Jimmy John’s believes someone stole login credentials and remotely installed malware on machines used to swipe credit cards. Some customers’ credit card numbers, expiration dates, verification codes and names were stolen between June 16 and Sept. 15, the company said. The privately held company said it discovered the problem July 30.

The area stores, according to a list on the company’s website, are at 20120 E. Jackson Drive, Independence; 8427 Wornall Road, Kansas City; and 1720 W. 23rd St., Lawrence.

Jimmy John’s said it believes its security has been restored by installing encrypted swipe machines and taking other steps.

This story was originally published September 24, 2014 at 10:00 PM with the headline "Jimmy John’s says credit card information was stolen from 216 shops, including three locally."