NewsLocal News


31 Va. Noodles & Company stores possibly affected by security breach

Posted at 12:30 PM, Jun 30, 2016
and last updated 2016-06-30 18:14:31-04

HENRICO, Va. – Over 30 Virginia stores could be affected by a recent data security incident at Noodles & Company, including several local ones.

A recent incident may have compromised the security of payment information of guests who used debit or credit cards between January 31, 2016 and June 2, 2016.

The breach occurred at stores around the U.S.:  Arizona, California, Colorado, Delaware, Florida, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Maryland, Minnesota, Missouri, New Jersey, New York, North Carolina, Ohio, Oklahoma, Oregon, Pennsylvania, Tennessee, Texas, Utah, Virginia, Washington Washington D.C. and Wisconsin.

The company said they became aware of “unusual activity” on May 17, reported by their credit card processor.

Sixteen days later, on June 2, third-party forensic experts found suspicious activity located on their computer systems.

The company said guests’ debit and credit card data, at certain locations, was potentially compromised.

They are still working to determine how the security compromise occurred and what information was affected.

The local shops affected are at 1601 Willow Lawn Drive, the VCU location at 814 W. Grace Street,  the Mechanicsville location at 7291 Battle Hill Drive, and the Chesterfield location at 1401 Alverser Drive.

Credit and debit cards used at the affected locations are no longer at risk from the malware involved in this incident, according to a company spokesperson.

All guests who may be impacted are encouraged to be vigilant in monitoring credit and debit card statements for any suspicious charges.

The company wrote on their website page created specifically for this data breach:

“If you identify any suspicious charges on your statement, you should immediately report these charges to your card issuer.  The phone number to call is usually on the back of the credit or debit card.  As a reminder, this incident did not involve any guest Social Security numbers, as this information is never collected or maintained by Noodles & Company.

While your Social Security number is not at risk as a result of this incident, you can you can review the information in the release posted above for more general guidance on how to better protect against the possibility of identity theft involving your  Social Security number.”

CBS 6 asked the company whether chip readers were in place during the breach. They sent us this statement:

 "Noodles & Company has an ongoing program in place to aggressively test and implement chip-based systems across our network is moving forward. We are actively working with our key business partners to deploy this system as soon as they are ready."

If you have any questions or would like additional information regarding this incident,  call the dedicated assistance line toll-free at 888-849-1067, 9 a.m. to 9 p.m. EDT, Monday through Friday (excluding U.S. holidays).