Enable Accessibility
Notice of Potential Payment Card Incident Notice of Potential Payment Card Incident

Church’s Chicken takes the security of our guests’ payment card data seriously.  Late last month, Cajun Operating Company (“Church’s Chicken” or “Church’s”) became aware that unauthorized activity occurred involving the payment processing systems that services our company-operated restaurants.

Our company immediately retained a leading cybersecurity forensics firm, to help us contain and remediate the activity, and launch an investigation to determine the extent to which information in Church’s systems may have been impacted.  In addition, we are continuing to cooperate with federal law enforcement and have notified payment card networks and credit monitoring agencies.

The Church’s system uses multiple payment processing systems and, as a result, not all Church’s restaurants – and none of our franchised locations – are believed to be impacted by this incident.  We are taking steps to contain and remediate any unauthorized access in our systems, and we are working hard to determine the specific locations and dates for each restaurant that may have been involved.

To ensure guests have the latest information, we have set up a dedicated page on our website – www.churchs.com/security – where we will post information and updates about this incident.  Currently, we have posted on our website a list of restaurant locations that may be impacted. Guests may also call our toll free call center at (866) 345-6788, which is open 7am CT to Midnight CT, 7 days-a-week.  Church’s will provide updates once we have completed our investigation and know more about any payment cards that may have been impacted.

Church’s is committed to protecting the privacy and security of our customers.  While our investigation continues, we would like to remind all of our guests to be vigilant and that it is always good practice to review your payment card statements regularly and report any unusual or unauthorized purchases to your card issuer.

 

View List of Locations
Locations

Frequently Asked Questions

Q:  When did the incident occur?

A:  Although our investigation is ongoing, what we currently know suggests that payment cards used at certain restaurants in 2019 may have been impacted.  We are working hard to determine specific locations and dates for each restaurant that may have been involved.

Church’s will provide updates to guests once we have completed our investigation and know more about any payment cards that may have been impacted.

 

Q:  What locations may have been involved/affected?

A:  Our investigation is ongoing.  We are still determining specific locations and dates for each restaurant that may have been involved.

Currently, we have posted on our website a list of restaurant locations that may be impacted.  Church’s will provide update to guests once we have completed our investigation and know more about any payment cards that may have been impacted.

 

Q:  What kind of information or data may have been affected?

A:  We believe the incident may have impacted payment cards, including payment card numbers, names, and expiration dates, used at certain Church’s restaurants.

 

Q:  How can I tell if my payment card may have been affected?

A:  We believe the incident may involve the payment processing system that services our company-owned restaurants.  We are working hard to determine specific locations and dates for each restaurant that may have been involved in the attack.  Church’s will provide updates to guests once we have completed our investigation and know more about any payment cards that may have been impacted.  While our investigation continues, Church’s would like to remind guests that it is always good practice to review their payment card statements regularly, monitor free credit reports, and report any unusual or unauthorized purchases to their card issuer immediately.

 

Q:  Do I need to cancel or replace my payment card?  Do I need to notify my bank or card company?  What should I do to protect myself?

A:  It is always good practice to review your payment card statements regularly and report any unusual or unauthorized purchases to your card issuer.  If you have reason to believe you may be the victim of identity theft, or notice any suspicious activity on any of your accounts, there are a number of important steps you should take, including immediately notifying your financial institution, your local law enforcement agency, your state’s Attorney General (https://www.usa.gov/state-attorney-general), and the Federal Trade Commission (www.identitytheft.gov).  For more information about steps you can take to protect yourself, visit https://www.consumer.ftc.gov/topics/identity-theft.

 

Q:  Is it safe for guests to shop/use payment cards Church’s restaurants?

A:  Yes.  We have already taken steps to contain and remediate the incident, and our investigation has confirmed that any previous unauthorized third-party access is not ongoing.

 

Q:  I ordered Church’s Chicken through a delivery app such as Uber Eats, Door Dash, Postmates, or GrubHub.  Was my payment information impacted?

A:  No.  This incident impacted the payment processing systems that services our company-operated restaurants.  When guests order Church’s Chicken through a delivery app, the order payment is processed exclusively by the delivery app’s payment systems.  No guest payment information is transferred to Church’s during this type of transaction.

 

Q:  Do you know what states were impacted?

A:  We believe this potential incident is limited to the company-operated restaurants only and we operate company restaurants in only 11 states: Alabama, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, South Carolina, Tennessee and Texas.