Jason's Deli: Difference between revisions

Jason's Deli
Basic information
Founded	30 November 1976
Legal Structure	Private
Industry	Food
Also known as
Official website	http://www.jasonsdeli.com/

← Older edit

VisualWikitext

Latest revision as of 05:10, 4 May 2026

Founded in 1976, Jason's Deli is an American chain of fast casual restaurants.

Consumer-impact summary

User Freedom: Users can update, correct, and delete personal information of their accounts under the “My Profile” menu selection or via email.
User Privacy: Depending on the users interactions and involvement with their services, it may collects information including "name, email address, mailing address, location, payment information, and other comparable information" along usage of "session and persistent cookies, web beacons, clear gifs, session IDs, successor tracker technology and other similar technologies as you navigate the Site and material displayed thereon" that's disclosed to third parties, franchisee owners, and business partners for marketing, supplementing or verifying the accuracy of users information, and service related improvements, however mobile information is not sold or shared to advertisers or affiliates for marketing purposes.
Business Model: Delves into food transitions including sandwiches, wraps, baked potatoes, pasta, soups, salads, and desserts.

Incidents

This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the Jason's Deli category.

Computer virus (2010)

Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.^[1]^[2]^[3] Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.^[4]^[5]^[6]

2 Million customer data breach (2018)

Jason's Deli was notified of the breach on 22 December 2017 after being informed by payment processors that several customers financial information was being sold on the dark web, leading to a statement 6 days later announcing the breach and undergoing an investigation.^[7]^[8]^[9] Between statements released on 11 January and 18 May 2018,^[10]^[11]^[12] the company announced that the unknown attackers infiltrated Jason's Deli's point of sale systems affecting around 3.4 million customers using RAM-scraping malware across 164 locations starting 8 June through 29 December 2017.^[13]^[14]

Credential surfing attack (2024)

On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, truncated credit card and gift card numbers.^[15]^[16] The company would sent a notice letter to affected users on 19 January 2024, ^[17]with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.^[15]^[16] Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker 2 months later on 19 March.^[18]^[19]

References

↑ Callahan, Jody (31 August 2010). "Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says". The Commercial Appeal. Archived from the original on 9 November 2010. Retrieved 2 May 2026.
↑ Kenney, Nick (24 August 2010). "Secret Service investigates Jason's Deli identity thefts". Action 5 News. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ Brown, Lori (22 August 2010). "String of identity thefts linked to East Memphis Jason's Deli". Action 5 News. Retrieved 2 March 2026.{{cite web}}: CS1 maint: url-status (link)
↑ Broach, Janice (1 September 2010). "Secret Service: Computer virus to blame for Jason's Deli thefts". Action News 5. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ "Malware used in Jason's Deli showing up elsewhere". Databreaches.net. 4 September 2010. Archived from the original on 12 July 2024. Retrieved 2 May 2026.
↑ "Several ID Thefts At Jason Deli's Linked To Computer Virus". Spamfighter.com. 8 September 2010. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ Krebs, Brian (28 December 2017). "4 Years After Target, the Little Guy is the Target". Krebsonsecurity. Archived from the original on 28 December 2017. Retrieved 2 May 2026.
↑ "Jason's Deli reveals possible data breach, spokesperson says area locations not believed to be affected". WBBJ. 29 December 2017. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ "Statement Of Jason's Deli Regarding Customer Financial Data" (PDF). itsyourcreditreport.com. 2 May 2026. Archived (PDF) from the original on 22 June 2024. Retrieved 2 May 2026.
↑ "Notice of a Data Security Breach" (PDF). Wayback Machine. 11 January 2018. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ "NOTICE OF DATA BREACH" (PDF). consumersc.gov. 18 May 2018. Archived (PDF) from the original on 3 August 2025. Retrieved 2 May 2026.
↑ "Notice Of Data Breach". Jason's Deli. 11 January 2018. Archived from the original on 12 January 2018. Retrieved 2 May 2026.
↑ Schwartz, Mathew (19 January 2018). "Jason's Deli: Hackers Dine Out on 2 Million Payment Cards". bankinfosecurity. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ Klein, Danny (15 January 2018). "Jason's Deli: Data Breach Could Affect 2 Million Cards". QSR Magazine. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ ^15.0 ^15.1 Zurier, Steve (24 January 2024). "Over 340,000 Jason's Deli customers potentially impacted in credential-stuffing attack". SCworld. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ ^16.0 ^16.1 Langley, Mitchell (24 January 2024). "Jason's Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack". Daily Security Review. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ "Notice of Data Breach" (PDF). consumer.sc.gov. 2 March 2026. Archived (PDF) from the original on 2 February 2024. Retrieved 2 May 2026.
↑ Mehorter, Kelly (31 January 2024). "Jason's Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers". ClassAction. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)
↑ "Walker v. Deli Management, Inc. d/b/a Jason's Deli". Pacermonitor. 1 May 2026. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)

[1] Callahan, Jody (31 August 2010). "Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says". The Commercial Appeal. Archived from the original on 9 November 2010. Retrieved 2 May 2026.

[2] Kenney, Nick (24 August 2010). "Secret Service investigates Jason's Deli identity thefts". Action 5 News. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)

[3] Brown, Lori (22 August 2010). "String of identity thefts linked to East Memphis Jason's Deli". Action 5 News. Retrieved 2 March 2026.{{cite web}}: CS1 maint: url-status (link)

[4] Broach, Janice (1 September 2010). "Secret Service: Computer virus to blame for Jason's Deli thefts". Action News 5. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)

[5] "Malware used in Jason's Deli showing up elsewhere". Databreaches.net. 4 September 2010. Archived from the original on 12 July 2024. Retrieved 2 May 2026.

[6] "Several ID Thefts At Jason Deli's Linked To Computer Virus". Spamfighter.com. 8 September 2010. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)

[7] Krebs, Brian (28 December 2017). "4 Years After Target, the Little Guy is the Target". Krebsonsecurity. Archived from the original on 28 December 2017. Retrieved 2 May 2026.

[8] "Jason's Deli reveals possible data breach, spokesperson says area locations not believed to be affected". WBBJ. 29 December 2017. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)

[9] "Statement Of Jason's Deli Regarding Customer Financial Data" (PDF). itsyourcreditreport.com. 2 May 2026. Archived (PDF) from the original on 22 June 2024. Retrieved 2 May 2026.

[10] "Notice of a Data Security Breach" (PDF). Wayback Machine. 11 January 2018. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)

[11] "NOTICE OF DATA BREACH" (PDF). consumersc.gov. 18 May 2018. Archived (PDF) from the original on 3 August 2025. Retrieved 2 May 2026.

[12] "Notice Of Data Breach". Jason's Deli. 11 January 2018. Archived from the original on 12 January 2018. Retrieved 2 May 2026.

[13] Schwartz, Mathew (19 January 2018). "Jason's Deli: Hackers Dine Out on 2 Million Payment Cards". bankinfosecurity. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)

[14] Klein, Danny (15 January 2018). "Jason's Deli: Data Breach Could Affect 2 Million Cards". QSR Magazine. Retrieved 2 May 2026.{{cite web}}: CS1 maint: url-status (link)

[:0-15] 15.0 ^15.1 Zurier, Steve (24 January 2024). "Over 340,000 Jason's Deli customers potentially impacted in credential-stuffing attack". SCworld. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)

[:1-16] 16.0 ^16.1 Langley, Mitchell (24 January 2024). "Jason's Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack". Daily Security Review. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)

[17] "Notice of Data Breach" (PDF). consumer.sc.gov. 2 March 2026. Archived (PDF) from the original on 2 February 2024. Retrieved 2 May 2026.

[18] Mehorter, Kelly (31 January 2024). "Jason's Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers". ClassAction. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)

[19] "Walker v. Deli Management, Inc. d/b/a Jason's Deli". Pacermonitor. 1 May 2026. Retrieved 3 May 2026.{{cite web}}: CS1 maint: url-status (link)

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

@@ Line 8: / Line 8: @@
 }}
-Founded in 1976, '''{{Wplink|Jason's Deli|Jason's Deli}}''' is an American chain of fast casual restaurants that's owned by the Tortorice family.
+Founded in 1976, '''{{Wplink|Jason's Deli|Jason's Deli}}''' is an American chain of fast casual restaurants.
 ==Consumer-impact summary==
@@ Line 17: / Line 17: @@
 ==Incidents==
-This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli|Jason's Deli category]].<!-- https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf
+This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli|Jason's Deli category]].
-incident achieved 2 May 2026  -->
 ===Computer virus (''2010'')===
 Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web |last=Callahan |first=Jody |date=31 August 2010 |title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says |url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |url-status=dead |archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |archive-date=9 November 2010 |access-date=2 May 2026 |website=The Commercial Appeal}}</ref><ref>{{Cite web |last=Kenney |first=Nick |date=24 August 2010 |title=Secret Service investigates Jason's Deli identity thefts |url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ |url-status=live |access-date=2 May 2026 |website=Action 5 News}}</ref><ref>{{Cite web |last=Brown |first=Lori |date=22 August 2010 |title=String of identity thefts linked to East Memphis Jason's Deli |url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ |url-status=live |access-date=2 March 2026 |website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web |last=Broach |first=Janice |date=1 September 2010 |title=Secret Service: Computer virus to blame for Jason's Deli thefts |url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ |url-status=live |access-date=2 May 2026 |website=Action News 5}}</ref><ref>{{Cite web |date=4 September 2010 |title=Malware used in Jason’s Deli showing up elsewhere |url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |url-status=live |archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |archive-date=12 July 2024 |access-date=2 May 2026 |website=Databreaches.net}}</ref><ref>{{Cite web |date=8 September 2010 |title=Several ID Thefts At Jason Deli’s Linked To Computer Virus |url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm |url-status=live |access-date=2 May 2026 |website=Spamfighter.com}}</ref>
@@ Line 28: / Line 25: @@
 ===Credential surfing attack (''2024'')===
-{{Incomplete section}}
+On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web |last=Zurier |first=Steve |date=24 January 2024 |title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack |url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack |url-status=live |access-date=3 May 2026 |website=SCworld}}</ref><ref name=":1">{{Cite web |last=Langley |first=Mitchell |date=24 January 2024 |title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack |url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ |url-status=live |access-date=3 May 2026 |website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January 2024, <ref>{{Cite web |date=2 March 2026 |title=Notice of Data Breach |url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf |url-status=live |archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf |archive-date=2 February 2024 |access-date=2 May 2026 |website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker 2 months later on 19 March.<ref>{{Cite web |last=Mehorter |first=Kelly |date=31 January 2024 |title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers |url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers |url-status=live |access-date=3 May 2026 |website=ClassAction}}</ref><ref>{{Cite web |date=1 May 2026 |title=Walker v. Deli Management, Inc. d/b/a Jason's Deli |url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli |url-status=live |access-date=3 May 2026 |website=Pacermonitor}}</ref>
 ==See also==