The Hawaii-based Zippy's Restaurants reported that for four months its point-of-sale system at 25 of its locations had been compromised exposing customer data.
The company, which operates fast-food restaurants under the Zippy's Restaurant, Napoleon's Bakery, Kahala Sushi, and Pearl City Sushi names, said in a statement to its customers that from November 23, 2017, to March 29, 2018, its payment card system exposing information. The chain was informed on April 4 of the breach by an independent computer forensic expert and began corrective measures. This includes upgrading system hardware, changing the way certain software and system processes work, and further enhancing system security and monitoring.
“Zippy's takes the security of its customers' information seriously. We are working closely with data security experts to implement processes and measures that will improve our system security to prevent this from happening again,” said Paul Yokota, president of FCH Enterprises, the parent company of Zippy's.