"340,000 Jason’s Deli Customers Potentially Impacted by Credential Stuffing Attack"
Restaurant chain Jason’s Deli just recently started informing customers that their user accounts and personal information might have been compromised in credential stuffing attacks. Over the weekend, the company, which owns over 200 fast casual restaurants across the United States, began informing customers that attackers have been observed accessing user accounts using login credentials obtained from other data breaches. The company noted that the information compromised may have included customer names, addresses (including all saved delivery addresses), phone numbers, birthdays, preferred Jason’s Deli location, order history, contact lists (if any – names and email addresses used for sending group orders), house account number (if any), Deli Dollars points, available redeemable amounts and banked rewards, as well as truncated gift card/credit card numbers. According to Jason’s Deli, the attackers might have also viewed the last four digits of users’ payment and gift card numbers, but not all the numbers. The company has told the Maine AGO that more than 340,000 individuals might have been affected.