Applebee’s restaurants suffered payment card breach

Share this…

RMH Franchise Holdings revealed on Friday afternoon that PoS (point of sale) systems at the Applebee’s restaurants were infected with a PoS malware.

According to information security training specialists, the PoS malware was used to collect names, payment card numbers, expiration dates, and card verification codes. On Friday afternoon, RMH Franchise Holdings published a link to the data breach notice on its website.


“RMH Franchise Holdings recently learned about a data incident affecting certain payment cards used at RMH-owned Applebee’s restaurants that we operate as a franchisee.” states the notice of the data breach.

“We are providing this notice to our guests as a precaution to inform them of the incident and to call their attention to some steps they can take to help protect themselves. RMH operates its point-of-sale systems isolated from the broader Applebee’s network, and this notice applies only to RMH-owned Applebee’s restaurants.”

The security breach was discovered on February 13, the RMH promptly started an investigation with the help of and law enforcement. The infection lasted between December 6, 2017, and January 2, 2018, as per investigation of information security training experts.

Almost any restaurant operated by RMH was impacted, the incident affects more than 160 restaurants in Alabama, Arizona, Florida, Illinois, Indiana, Kansas, Kentucky, Missouri, Mississippi, Nebraska, Ohio, Pennsylvania, Texas, and Wyoming.

The security breach does not affect online payments systems, clients using self-pay tabletop devices were not affected too. RMH clarified that its payment systems are not affected by the incident because they are isolated from the payment network used Applebee’s.

“After discovering the incident on February 13, 2018, RMH promptly took steps to ensure that it had been contained. In addition to engaging third-party information security training professionals to assist with our investigation, RMH also notified law enforcement about the incident and will continue to cooperate in their investigation.”RMH added.

“Now, RMH is continuing to closely monitor its systems and review its security measures to help prevent something like this from happening again.”