Fast-casual restaurant chain operator Noodles & Company said Tuesday a recent data security incident may have compromised the security of payment information of some its customers.
The company said the possible data security incident has affected customers who used debit or credit cards at some of its locations between Jan. 31 and June 2.
The company said it has been working with third-party forensic investigators to determine how the incident occurred and what information was affected.
Noodles & Company (NDLS) confirmed that malware may have stolen credit or debit card data from some cards used at some of its locations. These cards are no longer at risk from the malware involved in this incident, the company said.
Get Data Sheet, Fortune’s technology newsletter.
Noodles & Company began investigating in May after its credit card processor reported unusual activity.
Earlier this month, U.S. burger chain operator Wendy’s (WEN) said it had discovered additional instances of unusual credit card activity at some of its franchise-operated restaurants, widening the scope of a cyber attack the company reported in January.