Jimmy John's data breach includes OH locations

Jimmy John's data breach includes OH locations
Jimmy John's is investigating a security breach. (Source: Jimmy John's)
Jimmy John's is investigating a security breach. (Source: Jimmy John's)

(WOIO) - On July 30, 2014, Jimmy John's learned of a possible security incident involving credit and debit card data at some of stores and franchised locations. As a result, the company immediately hired third party forensic experts to assist with its investigation.

While the investigation is ongoing, it appears that customers' credit and debit card data was compromised after an intruder stole log-in credentials from Jimmy John's point-of-sale vendor and used these stolen credentials to remotely access the point-of-sale systems at some corporate and franchised locations between June 16, 2014 and September 5, 2014. The company says the security compromise has been contained, and customers can use their credit and debit cards securely at Jimmy John's stores.

Approximately 216 stores appear to have been affected by this event. Cards impacted by this event appear to be those swiped at the stores, and did not include those cards entered manually or online. The credit and debit card information at issue may include the card number, and in some cases, the cardholder's name, verification code, and/or the card's expiration date. Information entered online, such as customer address, e-mail, and password, remains secure.

A total of 13 Ohio locations are included in the breach:

-Mayfield Heights




-Cuyahoga Falls

-West Chester


-Columbus (2)



-Middleburg Heights


Click here for specific locations and dates of exposure for each affected Jimmy John's location. 

Jimmy John's has taken steps to prevent this type of event from occurring in the future, including installing encrypted swipe machines, implementing system enhancements, and reviewing its policies and procedures for its third party vendors. 

Jimmy John's is offering identity protection services to impacted customers, although the company does not collect its customers' Social Security numbers. To take advantage of these services, visit Contacts & Information. For more information, call (855) 398-6442.

In addition, customers are encouraged to monitor their credit and debit card accounts, and notify their bank if they notice any suspicious activity. Additional recommendations for protecting your information can be found at Recommendations.

Customers are becoming increasingly concerned about their financial security after several large retailers reported security breaches.

"It's becoming kind of scary now, so you have to be kind of careful what you do with your cards and things." said one customer. 

Jimmy John's will post updates regarding its ongoing investigation on the company's website.

Like 19 Action News on Facebook for the latest news, weather, sports and giveaways.

Copyright 2014 WOIO. All rights reserved.