A data breach involving Bojangles' Restaurants Inc. has been disclosed by several law firms based on a corporate filing to the Vermont Attorney General's Office.
According to the filing, the restaurant chain began mailing Nov. 19 data breach notification letters to impacted individuals "of an event that may affect the confidentiality of your information."
Bojangles has not commented on the data breach in a news release.
The filing does not indicate which individuals -- employees or customers -- have been affected by the breach that was discovered on March 12 that Bojangles labeled as "suspicious activity on our corporate network."
Through its investigation, Bojangles confirmed that sensitive personal information in its systems may have been viewed and downloaded by an unauthorized third-party between Feb. 19 and March 12.
The two-page filing includes a list of the specific types of sensitive information that could have impacted, such as: Social Security number; driver's license or other government issued ID card numbers (individual taxpayer ID number, passport number, military ID card number); financial account number or credit or debit card number; unique biometric data (fingerprint, retina or iris image, or other unique biometric representation); genetic information; and health record or records of a wellness program or similar program of health promotion or disease prevention.
"Although we have no indication of identity theft or fraud in relation to this event, we are providing you information about the event, our response, and additional measures you can take to help protect your information should you determine it is appropriate to do so," according to the filing.
Bojangles is providing affected individuals with complimentary credit monitoring services. Bojangles becomes the latest corporation with a significant Triad business presence to become subject to a data breach.
Most recently, Truist Financial Corp. informed customers in October they may have been affected by another data breach via the Feb. 14-26 hacking of a third-party debt collection agency.
"This incident did not impact Truist's systems or network, or the information maintained on our systems," Truist told customers.
That information may include customers' full name, current address and addresses for up to the past five years, account number, date of birth, Social Security number, a legible photocopy of a government-issued identification card (state driver's license or ID card, etc.), and pay stub or W2 form.
Others include UnitedHealthcare, AT&T, Ticketmaster, Truliant Federal Credit Union, HanesBrands Inc., Center for Creative Leadership, Bank of America Corp., VF Corp., Atrium Health, Novant Health Inc., the parent company of Golden Corral restaurant chain, and Pepsi Bottling Ventures LLC.
rcraver@wsjournal.com
336-727-7376
@rcraverWSJ
Love 0 Funny 0 Wow 0 Sad 0 Angry 0
The business news you need
Get the latest local business news delivered FREE to your inbox weekly.
Sign up! * I understand and agree that registration on or use of this site constitutes agreement to its user agreement and privacy policy. Richard Craver Author email Follow Richard Craver Close Get email notifications on {{subject}} daily! Your notification has been saved. There was a problem saving your notification.
{{description}}
Email notifications are only sent once a day, and only if there are new matching items.
Save Manage followed notifications Close Followed notifications Please log in to use this feature Log In Don't have an account? Sign Up Today