The second largest franchise owner of Applebee's restaurants, which owns the three Lincoln locations as well as others in Nebraska, has disclosed a data breach that might have affected customers.
Lincoln-based RMH Franchise, which owns 167 Applebee's locations in 15 states, including 11 locations in Nebraska, said in a post on its website last week that it discovered malware at some locations that was "designed to capture payment card information and may have affected a limited number of purchases made at those locations."
According to the post, the malware may have captured names, credit or debit card numbers, expiration dates and card verification codes. People who paid online or used tabletop payment devices were not affected.
RMH Franchise said the incidents occurred at different times at different restaurants. It did not say how many customers might have been affected.
In Lincoln, customers at the Gateway Mall Appleebee's were potentially affected between Nov. 23 and Jan. 2; at the Applebee's at 3730 Village Drive (near 40th Street and Old Cheney Road), affected transactions occurred between Dec. 5 and Jan. 2; and at the Applebee's at 3951 N. 27th St., the affected period was Dec. 6-Jan. 2.
RMH Franchise said it discovered the breach Feb. 13, hired a cybersecurity forensics firm and reported it to law enforcement. The company said it is confident that the breach has been contained.
The company said anyone who used a card at one of its Applebee's locations should monitor their statements for unusual activity and immediately report any suspicious transactions to the card provider.
To see the post about the incident, go to: rmhfranchise.com/dataincident/
The other Applebee's locations in Nebraska owned by RMH Franchise are in Columbus, Grand Island, Hastings, Kearney, North Platte, Scottsbluff, Sidney and York.