Jason's Deli - Revision history

SquidthePlummer: /* Credential surfing attack (2024) */

2026-05-04T05:10:08Z

Credential surfing attack (2024)

← Older revision		Revision as of 05:10, 4 May 2026
Line 25:		Line 25:

	===Credential surfing attack (''2024'')===		===Credential surfing attack (''2024'')===
	On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation\|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web \|last=Zurier \|first=Steve \|date=24 January 2024 \|title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack \|url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack \|url-status=live \|access-date=3 May 2026 \|website=SCworld}}</ref><ref name=":1">{{Cite web \|last=Langley \|first=Mitchell \|date=24 January 2024 \|title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack \|url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ \|url-status=live \|access-date=3 May 2026 \|website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January 2024, <ref>{{Cite web \|date=2 March 2026 \|title=Notice of Data Breach \|url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf \|archive-date=2 February 2024 \|access-date=2 May 2026 \|website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker on 19 March.<ref>{{Cite web \|last=Mehorter \|first=Kelly \|date=31 January 2024 \|title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers \|url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers \|url-status=live \|access-date=3 May 2026 \|website=ClassAction}}</ref><ref>{{Cite web \|date=1 May 2026 \|title=Walker v. Deli Management, Inc. d/b/a Jason's Deli \|url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli \|url-status=live \|access-date=3 May 2026 \|website=Pacermonitor}}</ref>		On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation\|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web \|last=Zurier \|first=Steve \|date=24 January 2024 \|title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack \|url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack \|url-status=live \|access-date=3 May 2026 \|website=SCworld}}</ref><ref name=":1">{{Cite web \|last=Langley \|first=Mitchell \|date=24 January 2024 \|title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack \|url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ \|url-status=live \|access-date=3 May 2026 \|website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January 2024, <ref>{{Cite web \|date=2 March 2026 \|title=Notice of Data Breach \|url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf \|archive-date=2 February 2024 \|access-date=2 May 2026 \|website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker 2 months later on 19 March.<ref>{{Cite web \|last=Mehorter \|first=Kelly \|date=31 January 2024 \|title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers \|url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers \|url-status=live \|access-date=3 May 2026 \|website=ClassAction}}</ref><ref>{{Cite web \|date=1 May 2026 \|title=Walker v. Deli Management, Inc. d/b/a Jason's Deli \|url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli \|url-status=live \|access-date=3 May 2026 \|website=Pacermonitor}}</ref>

	==See also==		==See also==

SquidthePlummer: /* Credential surfing attack (2024) */ forgot to add 2024

2026-05-04T05:09:33Z

Credential surfing attack (2024): forgot to add 2024

← Older revision		Revision as of 05:09, 4 May 2026
Line 25:		Line 25:

	===Credential surfing attack (''2024'')===		===Credential surfing attack (''2024'')===
	On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation\|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web \|last=Zurier \|first=Steve \|date=24 January 2024 \|title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack \|url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack \|url-status=live \|access-date=3 May 2026 \|website=SCworld}}</ref><ref name=":1">{{Cite web \|last=Langley \|first=Mitchell \|date=24 January 2024 \|title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack \|url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ \|url-status=live \|access-date=3 May 2026 \|website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January, <ref>{{Cite web \|date=2 March 2026 \|title=Notice of Data Breach \|url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf \|archive-date=2 February 2024 \|access-date=2 May 2026 \|website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker on 19 March.<ref>{{Cite web \|last=Mehorter \|first=Kelly \|date=31 January 2024 \|title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers \|url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers \|url-status=live \|access-date=3 May 2026 \|website=ClassAction}}</ref><ref>{{Cite web \|date=1 May 2026 \|title=Walker v. Deli Management, Inc. d/b/a Jason's Deli \|url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli \|url-status=live \|access-date=3 May 2026 \|website=Pacermonitor}}</ref>		On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation\|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web \|last=Zurier \|first=Steve \|date=24 January 2024 \|title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack \|url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack \|url-status=live \|access-date=3 May 2026 \|website=SCworld}}</ref><ref name=":1">{{Cite web \|last=Langley \|first=Mitchell \|date=24 January 2024 \|title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack \|url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ \|url-status=live \|access-date=3 May 2026 \|website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January 2024, <ref>{{Cite web \|date=2 March 2026 \|title=Notice of Data Breach \|url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf \|archive-date=2 February 2024 \|access-date=2 May 2026 \|website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker on 19 March.<ref>{{Cite web \|last=Mehorter \|first=Kelly \|date=31 January 2024 \|title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers \|url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers \|url-status=live \|access-date=3 May 2026 \|website=ClassAction}}</ref><ref>{{Cite web \|date=1 May 2026 \|title=Walker v. Deli Management, Inc. d/b/a Jason's Deli \|url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli \|url-status=live \|access-date=3 May 2026 \|website=Pacermonitor}}</ref>

	==See also==		==See also==

SquidthePlummer: Added 1 more incident

2026-05-04T04:59:05Z

Added 1 more incident

← Older revision		Revision as of 04:59, 4 May 2026
Line 8:		Line 8:
	}}		}}

	Founded in 1976, '''{{Wplink\|Jason's Deli\|Jason's Deli}}''' is an American chain of fast casual restaurants ~~that's owned by the Tortorice family~~.		Founded in 1976, '''{{Wplink\|Jason's Deli\|Jason's Deli}}''' is an American chain of fast casual restaurants.

	==Consumer-impact summary==		==Consumer-impact summary==
Line 17:		Line 17:

	==Incidents==		==Incidents==
	This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli\|Jason's Deli category]].~~<!-- https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf~~		This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli\|Jason's Deli category]].

	~~2023 incident achieved 2 May 2026 -->~~

	===Computer virus (''2010'')===		===Computer virus (''2010'')===
	Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web \|last=Callahan \|first=Jody \|date=31 August 2010 \|title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says \|url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|url-status=dead \|archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|archive-date=9 November 2010 \|access-date=2 May 2026 \|website=The Commercial Appeal}}</ref><ref>{{Cite web \|last=Kenney \|first=Nick \|date=24 August 2010 \|title=Secret Service investigates Jason's Deli identity thefts \|url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action 5 News}}</ref><ref>{{Cite web \|last=Brown \|first=Lori \|date=22 August 2010 \|title=String of identity thefts linked to East Memphis Jason's Deli \|url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ \|url-status=live \|access-date=2 March 2026 \|website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web \|last=Broach \|first=Janice \|date=1 September 2010 \|title=Secret Service: Computer virus to blame for Jason's Deli thefts \|url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action News 5}}</ref><ref>{{Cite web \|date=4 September 2010 \|title=Malware used in Jason’s Deli showing up elsewhere \|url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|url-status=live \|archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|archive-date=12 July 2024 \|access-date=2 May 2026 \|website=Databreaches.net}}</ref><ref>{{Cite web \|date=8 September 2010 \|title=Several ID Thefts At Jason Deli’s Linked To Computer Virus \|url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm \|url-status=live \|access-date=2 May 2026 \|website=Spamfighter.com}}</ref>		Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web \|last=Callahan \|first=Jody \|date=31 August 2010 \|title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says \|url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|url-status=dead \|archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|archive-date=9 November 2010 \|access-date=2 May 2026 \|website=The Commercial Appeal}}</ref><ref>{{Cite web \|last=Kenney \|first=Nick \|date=24 August 2010 \|title=Secret Service investigates Jason's Deli identity thefts \|url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action 5 News}}</ref><ref>{{Cite web \|last=Brown \|first=Lori \|date=22 August 2010 \|title=String of identity thefts linked to East Memphis Jason's Deli \|url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ \|url-status=live \|access-date=2 March 2026 \|website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web \|last=Broach \|first=Janice \|date=1 September 2010 \|title=Secret Service: Computer virus to blame for Jason's Deli thefts \|url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action News 5}}</ref><ref>{{Cite web \|date=4 September 2010 \|title=Malware used in Jason’s Deli showing up elsewhere \|url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|url-status=live \|archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|archive-date=12 July 2024 \|access-date=2 May 2026 \|website=Databreaches.net}}</ref><ref>{{Cite web \|date=8 September 2010 \|title=Several ID Thefts At Jason Deli’s Linked To Computer Virus \|url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm \|url-status=live \|access-date=2 May 2026 \|website=Spamfighter.com}}</ref>
Line 28:		Line 25:

	===Credential surfing attack (''2024'')===		===Credential surfing attack (''2024'')===
	{{~~Incomplete section~~}}		On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation\|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web \|last=Zurier \|first=Steve \|date=24 January 2024 \|title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack \|url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack \|url-status=live \|access-date=3 May 2026 \|website=SCworld}}</ref><ref name=":1">{{Cite web \|last=Langley \|first=Mitchell \|date=24 January 2024 \|title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack \|url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ \|url-status=live \|access-date=3 May 2026 \|website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January, <ref>{{Cite web \|date=2 March 2026 \|title=Notice of Data Breach \|url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf \|archive-date=2 February 2024 \|access-date=2 May 2026 \|website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker on 19 March.<ref>{{Cite web \|last=Mehorter \|first=Kelly \|date=31 January 2024 \|title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers \|url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers \|url-status=live \|access-date=3 May 2026 \|website=ClassAction}}</ref><ref>{{Cite web \|date=1 May 2026 \|title=Walker v. Deli Management, Inc. d/b/a Jason's Deli \|url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli \|url-status=live \|access-date=3 May 2026 \|website=Pacermonitor}}</ref>

	==See also==		==See also==

SquidthePlummer at 06:59, 3 May 2026

2026-05-03T06:59:52Z

← Older revision		Revision as of 06:59, 3 May 2026
Line 17:		Line 17:

	==Incidents==		==Incidents==
	This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli\|Jason's Deli category]].		This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli\|Jason's Deli category]].<!-- https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf

	=== Computer virus (''2010'') ===		2023 incident achieved 2 May 2026 -->

			===Computer virus (''2010'')===
	Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web \|last=Callahan \|first=Jody \|date=31 August 2010 \|title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says \|url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|url-status=dead \|archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|archive-date=9 November 2010 \|access-date=2 May 2026 \|website=The Commercial Appeal}}</ref><ref>{{Cite web \|last=Kenney \|first=Nick \|date=24 August 2010 \|title=Secret Service investigates Jason's Deli identity thefts \|url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action 5 News}}</ref><ref>{{Cite web \|last=Brown \|first=Lori \|date=22 August 2010 \|title=String of identity thefts linked to East Memphis Jason's Deli \|url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ \|url-status=live \|access-date=2 March 2026 \|website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web \|last=Broach \|first=Janice \|date=1 September 2010 \|title=Secret Service: Computer virus to blame for Jason's Deli thefts \|url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action News 5}}</ref><ref>{{Cite web \|date=4 September 2010 \|title=Malware used in Jason’s Deli showing up elsewhere \|url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|url-status=live \|archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|archive-date=12 July 2024 \|access-date=2 May 2026 \|website=Databreaches.net}}</ref><ref>{{Cite web \|date=8 September 2010 \|title=Several ID Thefts At Jason Deli’s Linked To Computer Virus \|url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm \|url-status=live \|access-date=2 May 2026 \|website=Spamfighter.com}}</ref>		Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web \|last=Callahan \|first=Jody \|date=31 August 2010 \|title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says \|url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|url-status=dead \|archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ \|archive-date=9 November 2010 \|access-date=2 May 2026 \|website=The Commercial Appeal}}</ref><ref>{{Cite web \|last=Kenney \|first=Nick \|date=24 August 2010 \|title=Secret Service investigates Jason's Deli identity thefts \|url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action 5 News}}</ref><ref>{{Cite web \|last=Brown \|first=Lori \|date=22 August 2010 \|title=String of identity thefts linked to East Memphis Jason's Deli \|url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ \|url-status=live \|access-date=2 March 2026 \|website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web \|last=Broach \|first=Janice \|date=1 September 2010 \|title=Secret Service: Computer virus to blame for Jason's Deli thefts \|url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ \|url-status=live \|access-date=2 May 2026 \|website=Action News 5}}</ref><ref>{{Cite web \|date=4 September 2010 \|title=Malware used in Jason’s Deli showing up elsewhere \|url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|url-status=live \|archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ \|archive-date=12 July 2024 \|access-date=2 May 2026 \|website=Databreaches.net}}</ref><ref>{{Cite web \|date=8 September 2010 \|title=Several ID Thefts At Jason Deli’s Linked To Computer Virus \|url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm \|url-status=live \|access-date=2 May 2026 \|website=Spamfighter.com}}</ref>

Line 25:		Line 27:
	Jason's Deli was notified of the breach on 22 December 2017 after being informed by payment processors that several customers financial information was being sold on the dark web, leading to a statement 6 days later announcing the breach and undergoing an investigation.<ref>{{Cite web \|last=Krebs \|first=Brian \|date=28 December 2017 \|title=4 Years After Target, the Little Guy is the Target \|url=https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/ \|url-status=live \|archive-url=https://web.archive.org/web/20171228155612/https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/ \|archive-date=28 December 2017 \|access-date=2 May 2026 \|website=Krebsonsecurity}}</ref>'''<ref>{{Cite web \|date=29 December 2017 \|title=Jason’s Deli reveals possible data breach, spokesperson says area locations not believed to be affected \|url=https://www.wbbjtv.com/2017/12/29/jasons-deli-reveals-possible-data-breach-spokesperson-says-area-locations-not-believed-affected/ \|url-status=live \|access-date=2 May 2026 \|website=WBBJ}}</ref>'''<ref>{{Cite web \|date=2 May 2026 \|title=Statement Of Jason's Deli Regarding Customer Financial Data \|url=https://itsyourcreditreport.com/wp-content/uploads/2018/01/2018.01.11-Jasons-Deli-Statement-Data-Breach-1.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20240622234601/https://itsyourcreditreport.com/wp-content/uploads/2018/01/2018.01.11-Jasons-Deli-Statement-Data-Breach-1.pdf \|archive-date=22 June 2024 \|access-date=2 May 2026 \|website=itsyourcreditreport.com}}</ref> Between statements released on 11 January and 18 May 2018,<ref>{{Cite web \|date=11 January 2018 \|title=Notice of a Data Security Breach \|url=https://dn721809.ca.archive.org/0/items/cadoj_sb24-132606_deli-management--inc---d-b-a-jason-s-deli--inc--/California%20OAG%20-%20Notice%20of%20a%20Data%20Security%20Breach%20dated%201-11-2018_0.pdf \|url-status=live \|archive-url= \|archive-date= \|access-date=2 May 2026 \|website=Wayback Machine}}</ref><ref>{{Cite web \|date=18 May 2018 \|title=NOTICE OF DATA BREACH \|url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Deli%20Management%2C%20Inc.%20dba%20Jasons%20Deli%2C%20Inc.%2011%20Jan%2018%20-%20Consumer%20Notice.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20250803210719/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Deli%20Management%2C%20Inc.%20dba%20Jasons%20Deli%2C%20Inc.%2011%20Jan%2018%20-%20Consumer%20Notice.pdf \|archive-date=3 August 2025 \|access-date=2 May 2026 \|website=consumersc.gov}}</ref><ref>{{Cite web \|date=11 January 2018 \|title=Notice Of Data Breach \|url=https://www.jasonsdeli.com/data-breach \|url-status=dead \|archive-url=https://web.archive.org/web/20180112221012/https://www.jasonsdeli.com/data-breach \|archive-date=12 January 2018 \|access-date=2 May 2026 \|website=Jason's Deli}}</ref> the company announced that the unknown attackers infiltrated Jason's Deli's '''[[wikipedia:Point_of_sale\|point of sale systems]]''' affecting around 3.4 million customers using RAM-scraping malware across 164 locations starting 8 June through 29 December 2017.<ref>{{Cite web \|last=Schwartz \|first=Mathew \|date=19 January 2018 \|title=Jason's Deli: Hackers Dine Out on 2 Million Payment Cards \|url=https://www.bankinfosecurity.com/blogs/jasons-deli-hackers-dine-out-on-2-million-payment-cards-p-2584 \|url-status=live \|access-date=2 May 2026 \|website=bankinfosecurity}}</ref><ref>{{Cite web \|last=Klein \|first=Danny \|date=15 January 2018 \|title=Jason’s Deli: Data Breach Could Affect 2 Million Cards \|url=https://www.qsrmagazine.com/news/jasons-deli-data-breach-could-affect-2-million-cards/ \|url-status=live \|access-date=2 May 2026 \|website=QSR Magazine}}</ref>		Jason's Deli was notified of the breach on 22 December 2017 after being informed by payment processors that several customers financial information was being sold on the dark web, leading to a statement 6 days later announcing the breach and undergoing an investigation.<ref>{{Cite web \|last=Krebs \|first=Brian \|date=28 December 2017 \|title=4 Years After Target, the Little Guy is the Target \|url=https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/ \|url-status=live \|archive-url=https://web.archive.org/web/20171228155612/https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/ \|archive-date=28 December 2017 \|access-date=2 May 2026 \|website=Krebsonsecurity}}</ref>'''<ref>{{Cite web \|date=29 December 2017 \|title=Jason’s Deli reveals possible data breach, spokesperson says area locations not believed to be affected \|url=https://www.wbbjtv.com/2017/12/29/jasons-deli-reveals-possible-data-breach-spokesperson-says-area-locations-not-believed-affected/ \|url-status=live \|access-date=2 May 2026 \|website=WBBJ}}</ref>'''<ref>{{Cite web \|date=2 May 2026 \|title=Statement Of Jason's Deli Regarding Customer Financial Data \|url=https://itsyourcreditreport.com/wp-content/uploads/2018/01/2018.01.11-Jasons-Deli-Statement-Data-Breach-1.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20240622234601/https://itsyourcreditreport.com/wp-content/uploads/2018/01/2018.01.11-Jasons-Deli-Statement-Data-Breach-1.pdf \|archive-date=22 June 2024 \|access-date=2 May 2026 \|website=itsyourcreditreport.com}}</ref> Between statements released on 11 January and 18 May 2018,<ref>{{Cite web \|date=11 January 2018 \|title=Notice of a Data Security Breach \|url=https://dn721809.ca.archive.org/0/items/cadoj_sb24-132606_deli-management--inc---d-b-a-jason-s-deli--inc--/California%20OAG%20-%20Notice%20of%20a%20Data%20Security%20Breach%20dated%201-11-2018_0.pdf \|url-status=live \|archive-url= \|archive-date= \|access-date=2 May 2026 \|website=Wayback Machine}}</ref><ref>{{Cite web \|date=18 May 2018 \|title=NOTICE OF DATA BREACH \|url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Deli%20Management%2C%20Inc.%20dba%20Jasons%20Deli%2C%20Inc.%2011%20Jan%2018%20-%20Consumer%20Notice.pdf \|url-status=live \|archive-url=https://web.archive.org/web/20250803210719/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Deli%20Management%2C%20Inc.%20dba%20Jasons%20Deli%2C%20Inc.%2011%20Jan%2018%20-%20Consumer%20Notice.pdf \|archive-date=3 August 2025 \|access-date=2 May 2026 \|website=consumersc.gov}}</ref><ref>{{Cite web \|date=11 January 2018 \|title=Notice Of Data Breach \|url=https://www.jasonsdeli.com/data-breach \|url-status=dead \|archive-url=https://web.archive.org/web/20180112221012/https://www.jasonsdeli.com/data-breach \|archive-date=12 January 2018 \|access-date=2 May 2026 \|website=Jason's Deli}}</ref> the company announced that the unknown attackers infiltrated Jason's Deli's '''[[wikipedia:Point_of_sale\|point of sale systems]]''' affecting around 3.4 million customers using RAM-scraping malware across 164 locations starting 8 June through 29 December 2017.<ref>{{Cite web \|last=Schwartz \|first=Mathew \|date=19 January 2018 \|title=Jason's Deli: Hackers Dine Out on 2 Million Payment Cards \|url=https://www.bankinfosecurity.com/blogs/jasons-deli-hackers-dine-out-on-2-million-payment-cards-p-2584 \|url-status=live \|access-date=2 May 2026 \|website=bankinfosecurity}}</ref><ref>{{Cite web \|last=Klein \|first=Danny \|date=15 January 2018 \|title=Jason’s Deli: Data Breach Could Affect 2 Million Cards \|url=https://www.qsrmagazine.com/news/jasons-deli-data-breach-could-affect-2-million-cards/ \|url-status=live \|access-date=2 May 2026 \|website=QSR Magazine}}</ref>

	=== Credential surfing attack (''2024'') ===		===Credential surfing attack (''2024'')===
			{{Incomplete section}}

	==See also==		==See also==

SquidthePlummer: added Jason Deli incident, tho incomplete but mostly done

2026-05-03T06:57:54Z

added Jason Deli incident, tho incomplete but mostly done

New page

{{CompanyCargo
| Logo = Jason's Deli logo.png
| Industry = Food
| Founded = 30 November 1976
| Type = Private
| Website = http://www.jasonsdeli.com/
| Description = A family owned fast food restaurant chain specializing in a variety of sandwiches.
}}

Founded in 1976, '''{{Wplink|Jason's Deli|Jason's Deli}}''' is an American chain of fast casual restaurants that's owned by the Tortorice family.

==Consumer-impact summary==

*'''User Freedom:''' Users can update, correct, and delete personal information of their accounts under the “My Profile” menu selection or via email.
*'''User Privacy:''' Depending on the users interactions and involvement with their services, it may collects information including "''name, email address, mailing address, location, payment information, and other comparable information"'' along usage of ''"session and persistent cookies, web beacons, clear gifs, session IDs, successor tracker technology and other similar technologies as you navigate the Site and material displayed thereon"'' that's disclosed to third parties, franchisee owners, and business partners for marketing, supplementing or verifying the accuracy of users information, and service related improvements, however mobile information is not sold or shared to advertisers or affiliates for marketing purposes.
*'''Business Model:''' Delves into food transitions including sandwiches, wraps, baked potatoes, pasta, soups, salads, and desserts.

==Incidents==
This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli|Jason's Deli category]].

=== Computer virus (''2010'') ===
Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web |last=Callahan |first=Jody |date=31 August 2010 |title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says |url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |url-status=dead |archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |archive-date=9 November 2010 |access-date=2 May 2026 |website=The Commercial Appeal}}</ref><ref>{{Cite web |last=Kenney |first=Nick |date=24 August 2010 |title=Secret Service investigates Jason's Deli identity thefts |url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ |url-status=live |access-date=2 May 2026 |website=Action 5 News}}</ref><ref>{{Cite web |last=Brown |first=Lori |date=22 August 2010 |title=String of identity thefts linked to East Memphis Jason's Deli |url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ |url-status=live |access-date=2 March 2026 |website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web |last=Broach |first=Janice |date=1 September 2010 |title=Secret Service: Computer virus to blame for Jason's Deli thefts |url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ |url-status=live |access-date=2 May 2026 |website=Action News 5}}</ref><ref>{{Cite web |date=4 September 2010 |title=Malware used in Jason’s Deli showing up elsewhere |url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |url-status=live |archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |archive-date=12 July 2024 |access-date=2 May 2026 |website=Databreaches.net}}</ref><ref>{{Cite web |date=8 September 2010 |title=Several ID Thefts At Jason Deli’s Linked To Computer Virus |url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm |url-status=live |access-date=2 May 2026 |website=Spamfighter.com}}</ref>

===2 Million customer data breach (''2018'')===
Jason's Deli was notified of the breach on 22 December 2017 after being informed by payment processors that several customers financial information was being sold on the dark web, leading to a statement 6 days later announcing the breach and undergoing an investigation.<ref>{{Cite web |last=Krebs |first=Brian |date=28 December 2017 |title=4 Years After Target, the Little Guy is the Target |url=https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/ |url-status=live |archive-url=https://web.archive.org/web/20171228155612/https://krebsonsecurity.com/2017/12/4-years-after-target-the-little-guy-is-the-target/ |archive-date=28 December 2017 |access-date=2 May 2026 |website=Krebsonsecurity}}</ref>'''<ref>{{Cite web |date=29 December 2017 |title=Jason’s Deli reveals possible data breach, spokesperson says area locations not believed to be affected |url=https://www.wbbjtv.com/2017/12/29/jasons-deli-reveals-possible-data-breach-spokesperson-says-area-locations-not-believed-affected/ |url-status=live |access-date=2 May 2026 |website=WBBJ}}</ref>'''<ref>{{Cite web |date=2 May 2026 |title=Statement Of Jason's Deli Regarding Customer Financial Data |url=https://itsyourcreditreport.com/wp-content/uploads/2018/01/2018.01.11-Jasons-Deli-Statement-Data-Breach-1.pdf |url-status=live |archive-url=https://web.archive.org/web/20240622234601/https://itsyourcreditreport.com/wp-content/uploads/2018/01/2018.01.11-Jasons-Deli-Statement-Data-Breach-1.pdf |archive-date=22 June 2024 |access-date=2 May 2026 |website=itsyourcreditreport.com}}</ref> Between statements released on 11 January and 18 May 2018,<ref>{{Cite web |date=11 January 2018 |title=Notice of a Data Security Breach |url=https://dn721809.ca.archive.org/0/items/cadoj_sb24-132606_deli-management--inc---d-b-a-jason-s-deli--inc--/California%20OAG%20-%20Notice%20of%20a%20Data%20Security%20Breach%20dated%201-11-2018_0.pdf |url-status=live |archive-url= |archive-date= |access-date=2 May 2026 |website=Wayback Machine}}</ref><ref>{{Cite web |date=18 May 2018 |title=NOTICE OF DATA BREACH |url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Deli%20Management%2C%20Inc.%20dba%20Jasons%20Deli%2C%20Inc.%2011%20Jan%2018%20-%20Consumer%20Notice.pdf |url-status=live |archive-url=https://web.archive.org/web/20250803210719/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Deli%20Management%2C%20Inc.%20dba%20Jasons%20Deli%2C%20Inc.%2011%20Jan%2018%20-%20Consumer%20Notice.pdf |archive-date=3 August 2025 |access-date=2 May 2026 |website=consumersc.gov}}</ref><ref>{{Cite web |date=11 January 2018 |title=Notice Of Data Breach |url=https://www.jasonsdeli.com/data-breach |url-status=dead |archive-url=https://web.archive.org/web/20180112221012/https://www.jasonsdeli.com/data-breach |archive-date=12 January 2018 |access-date=2 May 2026 |website=Jason's Deli}}</ref> the company announced that the unknown attackers infiltrated Jason's Deli's '''[[wikipedia:Point_of_sale|point of sale systems]]''' affecting around 3.4 million customers using RAM-scraping malware across 164 locations starting 8 June through 29 December 2017.<ref>{{Cite web |last=Schwartz |first=Mathew |date=19 January 2018 |title=Jason's Deli: Hackers Dine Out on 2 Million Payment Cards |url=https://www.bankinfosecurity.com/blogs/jasons-deli-hackers-dine-out-on-2-million-payment-cards-p-2584 |url-status=live |access-date=2 May 2026 |website=bankinfosecurity}}</ref><ref>{{Cite web |last=Klein |first=Danny |date=15 January 2018 |title=Jason’s Deli: Data Breach Could Affect 2 Million Cards |url=https://www.qsrmagazine.com/news/jasons-deli-data-breach-could-affect-2-million-cards/ |url-status=live |access-date=2 May 2026 |website=QSR Magazine}}</ref>

=== Credential surfing attack (''2024'') ===

==See also==

*[[Subway]]
*[[Jimmy John's]]
*[[Shoney's]]

==References==
{{Reflist}}
[[Category:Jason's Deli]]