Sonic declines after burger chain hit by data breach
(Bloomberg) -- Sonic Corp., the drive-in burger chain known for its rollerskating carhops, is the latest target of hackers seeking consumers’ credit-card accounts.
The company suffered its worst stock decline in almost two months after disclosing a breach of its payment systems. The situation was brought to Sonic’s attention last week by its credit-card processor, which flagged “unusual activity” with cards used at its restaurants.
“We are working to understand the nature and scope of this issue, as we know how important this is to our guests,” the company said in a statement. “We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able.”
Brian Krebs, an independent journalist who investigates breaches, reported late on Tuesday that the breach led to a “fire sale” on millions of stolen credit- and debit-card accounts. The information was put up for sale in a so-called theft bazaar called Joker’s Stash, Krebs said.
The shares fell as much as 4.4 percent to $23.52 on Wednesday, the biggest intraday drop since Aug. 8. The stock was down 7.2 percent this year through Tuesday’s close, hurt by broader headwinds in the restaurant industry.
The dangers of data breaches were thrown back in the spotlight this month after Equifax Inc. exposed the data of 143 million Americans. The credit-reporting company said that hackers accessed a vast trove of names, Social Security numbers, birth dates, addresses and driver’s license numbers. Chief Executive Officer Richard Smith stepped down in the wake of the revelations.
Chipotle Mexican Grill Inc. also disclosed a breach earlier this year, saying hackers had installed malicious software in order to grab customer data from point-of-sale devices.
Sonic, based in Oklahoma City, serves about 3 million customers a day. Most of its 3,500 locations are operated by franchisees.