Wendy's is investigating "unusual activity" related to cards used in some of its restaurants.
The fast food chain launched an investigation after being alerted this month by the payments industry to possible fraudulent charges being made "elsewhere after payment cards were legitimately used at some restaurants," said spokesman Bob Bertini.
Wendy's is working with cybersecurity experts, payment industry contacts and law enforcement to look into the possible fraud. It's unclear how many cards or restaurant locations may have been affected.
"Until this investigation is completed, it is difficult to determine with certainty the nature or scope of any potential incident," Bertini said.
The possible security breach was first reported Wednesday by Krebs on Security.
Data security continues to be an issue for consumer-facing companies, and those with franchise models may be particularly vulnerable, says Andrew Komarov, chief intelligence officer for InfoArmor, a Scottsdale, Ariz.,-based computer security company.
"Traditionally, big corporations and retailers use franchised-based models," he says, which means that "in many cases their security in different branches is absolutely decentralized on practice. This allows bad actors to take advantage of such insecurities."
Wendy's has more than 6,500 franchised and company-owned restaurants worldwide.
Contributing: Beth Weise in San Francisco
