The Krystal Company would like to advise guests that it is actively investigating a security incident that involves one of the payment processing systems that services some of its restaurants.
The company has retained a leading forensics firm and is conducting an investigation to determine the extent to which information in Krystal's systems may have been impacted. It is cooperating with law enforcement and have also notified the payment card networks of the investigation.
Although its investigation is in its early stages, Krystal has learned that the security incident may have involved payment cards processed by a payment processing system used at certain restaurants between July through September 2019.
Krystal uses multiple payment processing systems and, as a result, not all Krystal restaurants have been impacted by this incident. The brand has already taken steps to contain and remediate the incident. It is working hard to determine the specific locations and dates for each restaurant involved in the attack. To date, its investigation has determined that about a third of our restaurants are not impacted.
To ensure guests have the latest information, it have set up a dedicated page on our website – http://www.krystal.com/security– where it will post information and updates about this incident. Currently, it has posted on its website a list of restaurant locations that may be impacted. Guests may also call Krystal’s call center at 1-800-457-9782, which is open 24 hours, seven-days-a-week. Krystal will provide updates to guests once we have completed its investigation and know more about payment cards that may have been impacted.
Krystal is committed to protecting the privacy and security of its customers and will continue to take quick action. While its investigation continues, it would like to remind all of guests to be vigilant and that it is always good practice to review their payment card statements regularly and report any unusual or unauthorized purchases to their financial institution.