Drive-in burger chain Sonic has confirmed a credit card-related data breach, which has caused the company’s stock to tank.
The fast-food chain’s stock dropped to its lowest value in nearly two months Wednesday after Krebs on Security reported that a breach in the company’s payment systems may have led to a “fire sale” of millions of stolen credit and debit card accounts. As of Wednesday morning, shares fell at least 4.4% to $23.52, the biggest drop within one day since Aug. 8, Bloomberg reports.
“We are working to understand the nature and scope of this issue, as we know how important this is to our guests,” Sonic said in a statement, acknowledging that its credit card processor informed them about the breach last week. “We immediately engaged third-party forensic experts and law enforcement when we heard from our processor.”
Sonic did not disclose how many credit cards were potentially breached. It says that it will communicate additional information “as we are able.” Krebs, meanwhile, reports that the hacked information is already being sold in underground cybercrime stores.
Sonic has more than 3,500 restaurants throughout 44 states, according to the company’s website.
It’s not the first chain restaurant to suffer a breach this year. Chipotle in May reveled that hackers installed software within its point-of-sale devices to gain access to customer data.