Mexican restaurant chain On The Border said Monday it is investigating an incident in which customer credit card information was compromised at "some of" its locations.
The restaurant chain said it became aware on Nov. 14 that customer information such as names, credit card numbers, credit card expiration dates, and credit card verification codes were being accessed through malware installed on payment processing systems at some of its locations between April 10, 2019 and Aug. 10, 2019.
"Our company has retained a leading forensics firm and is conducting an investigation to determine the extent to which information in On The Border's system has been impacted. We are cooperating with law enforcement and have also notified payment card networks of the investigation," according to the company's press release.
On The Border said the incident involved restaurant locations in 27 states, adding in a separate press release posted to its website that it took immediate action with "leading partners in cybersecurity" after learning of the incident to "identify and remove the malware which led to the potential compromise."
The restaurant chain said the compromise did not affect all restaurants, nor did it affect catering customers and franchises.
"On The Border is committed to protecting the privacy and security of our guests and will continue to take quick action. While our investigation continues, we remind all of our guests to be vigilant and that it is always good practice to review your payment card statements regularly and report any unusual or unauthorized purchases to your financial institution," the release said.