CNET también está disponible en español.

Ir a español

Don't show this again

Security

Hackers steal credit card information from Checkers fast-food chain

It's the latest example of a classic cybercrime.

The drive-up window at Checkers.

Checkers says more than 100 of its restaurants were hit with malware that stole customers' credit card information.

Jeff Greenberg / Getty Images

If you ate at a Checkers or Rally's recently, you should consider putting fraud alerts on your credit or debit card. Otherwise, that chili dog might cost you a lot more than you thought.

Hackers infected checkout stations at more than 100 of the fast-food restaurant's locations with malicious software that stole payment card information, the company said Wednesday. So when the cashier swiped your card to pay for boneless chicken wings or a triple crispy fish sandwich, the fryer got to work on your lunch and the hackers got their hands on your credit card number. The stolen information also included cardholder names, card expiration dates and card verification codes, the company said.

In addition to putting fraud alerts on your cards, Checkers recommended reviewing your account statements to check for suspicious transactions.

"Our guests are our top priority, and we take the protection of their information very seriously," the company said in its announcement.

It's the latest example of how hackers steal credit card data from consumers at the moment they use their payment cards. Hackers sell the information in shady corners of the internet, and criminals buy it to use in a variety of ways. For example, criminals encode blank credit cards with the stolen information and use them to buy valuable items to return later for cash. It's called carding, and it's a crime that's almost as old as the internet, though it's taken different forms over the years.

As much as law enforcement agencies and financial institutions have tried to limit the carding industry, it's proved to have more staying power than a 20-piece order of angry Buffalo chicken nuggets from Checkers. Many criminals are based overseas and are hard to extradite. Russian hacker Roman Seleznev, who was sentenced to 20 years in prison in 2017 for carding crimes that hit local restaurants in the Seattle area, is a rare exception.

Checkers said in its notification that 15 percent of its stores were affected. The restaurants are in 20 states, including California, Florida and Ohio.

Now playing: Watch this: Finding our personal data on the dark web was far too...
3:53