Southern fried chicken restaurant chain Bojangles reports data breach

Bojangles, a Southern fried chicken restaurant chain, is reporting a data breach discovered on March 12, 2024.

The incident occurred when cybercriminals gained unauthorized access to the company's corporate network between February 19, 2024, and March 12, 2024. During this period, threat actors viewed and exfiltrated sensitive data files, including:

• Names
• Social Security numbers
• Driver's license numbers
• Government-issued ID card numbers
• Financial account information
• Medical information
• Health insurance information

The exact number of affected individuals has not been disclosed, the nature of the compromised data suggests the breach primarily impacted Bojangles employees. Bojangles employs about 9,000 people.

On November 19, 2024, Bojangles began mailing data breach notification letters to impacted individuals, and is offering affected individuals 12-24 months of complimentary credit monitoring and provided identity restoration services.

The delay between the February incident and November 2024 report is not clarified.

Update - Tas of 27th of November 2024, Bojangles has reported that the breach is affecting 165,106 individuals nationwide, with exposed data including Social Security numbers, medical information, and IRS PIN numbers.