Jason's Deli: Difference between revisions

(2 intermediate revisions by the same user not shown)

Line 8:

}}

Founded in 1976, '''{{Wplink|Jason's Deli|Jason's Deli}}''' is an American chain of fast casual restaurants ~~that's owned by the Tortorice family~~.

Founded in 1976, '''{{Wplink|Jason's Deli|Jason's Deli}}''' is an American chain of fast casual restaurants.

==Consumer-impact summary==

Line 17:

==Incidents==

This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli|Jason's Deli category]].~~<!-- https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf~~

This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli|Jason's Deli category]].

~~2023 incident achieved 2 May 2026 -->~~

===Computer virus (''2010'')===

Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web |last=Callahan |first=Jody |date=31 August 2010 |title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says |url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |url-status=dead |archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |archive-date=9 November 2010 |access-date=2 May 2026 |website=The Commercial Appeal}}</ref><ref>{{Cite web |last=Kenney |first=Nick |date=24 August 2010 |title=Secret Service investigates Jason's Deli identity thefts |url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ |url-status=live |access-date=2 May 2026 |website=Action 5 News}}</ref><ref>{{Cite web |last=Brown |first=Lori |date=22 August 2010 |title=String of identity thefts linked to East Memphis Jason's Deli |url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ |url-status=live |access-date=2 March 2026 |website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web |last=Broach |first=Janice |date=1 September 2010 |title=Secret Service: Computer virus to blame for Jason's Deli thefts |url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ |url-status=live |access-date=2 May 2026 |website=Action News 5}}</ref><ref>{{Cite web |date=4 September 2010 |title=Malware used in Jason’s Deli showing up elsewhere |url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |url-status=live |archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |archive-date=12 July 2024 |access-date=2 May 2026 |website=Databreaches.net}}</ref><ref>{{Cite web |date=8 September 2010 |title=Several ID Thefts At Jason Deli’s Linked To Computer Virus |url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm |url-status=live |access-date=2 May 2026 |website=Spamfighter.com}}</ref>

Line 28:

Line 25:

===Credential surfing attack (''2024'')===

On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web |last=Zurier |first=Steve |date=24 January 2024 |title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack |url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack |url-status=live |access-date=3 May 2026 |website=SCworld}}</ref><ref name=":1">{{Cite web |last=Langley |first=Mitchell |date=24 January 2024 |title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack |url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ |url-status=live |access-date=3 May 2026 |website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January 2024, <ref>{{Cite web |date=2 March 2026 |title=Notice of Data Breach |url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf |url-status=live |archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf |archive-date=2 February 2024 |access-date=2 May 2026 |website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker 2 months later on 19 March.<ref>{{Cite web |last=Mehorter |first=Kelly |date=31 January 2024 |title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers |url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers |url-status=live |access-date=3 May 2026 |website=ClassAction}}</ref><ref>{{Cite web |date=1 May 2026 |title=Walker v. Deli Management, Inc. d/b/a Jason's Deli |url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli |url-status=live |access-date=3 May 2026 |website=Pacermonitor}}</ref>

==See also==

@@ Line 8: / Line 8: @@
 }}
-Founded in 1976, '''{{Wplink|Jason's Deli|Jason's Deli}}''' is an American chain of fast casual restaurants that's owned by the Tortorice family.
+Founded in 1976, '''{{Wplink|Jason's Deli|Jason's Deli}}''' is an American chain of fast casual restaurants.
 ==Consumer-impact summary==
@@ Line 17: / Line 17: @@
 ==Incidents==
-This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli|Jason's Deli category]].<!-- https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf
+This is a list of all consumer-protection incidents this company is involved in. Any incidents not mentioned here can be found in the [[:Category:Jason's Deli|Jason's Deli category]].
-incident achieved 2 May 2026  -->
 ===Computer virus (''2010'')===
 Around 22 August in Memphis, Tennessee, Jason's Deli received complaints from customers claiming to experience financial fraud after making credit card purchases.<ref>{{Cite web |last=Callahan |first=Jody |date=31 August 2010 |title=Hundreds of ID thefts at Jason's Deli linked to computer virus, Secret Service says |url=http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |url-status=dead |archive-url=https://web.archive.org/web/20101109145905/http://www.commercialappeal.com/news/2010/aug/31/many-300-id-thefts-jasons-deli-linked-computer-vir/ |archive-date=9 November 2010 |access-date=2 May 2026 |website=The Commercial Appeal}}</ref><ref>{{Cite web |last=Kenney |first=Nick |date=24 August 2010 |title=Secret Service investigates Jason's Deli identity thefts |url=https://www.actionnews5.com/story/13030647/secret-service-investigates-jasons-deli-identity-thefts/ |url-status=live |access-date=2 May 2026 |website=Action 5 News}}</ref><ref>{{Cite web |last=Brown |first=Lori |date=22 August 2010 |title=String of identity thefts linked to East Memphis Jason's Deli |url=https://www.actionnews5.com/story/13023532/string-of-identity-thefts-linked-to-east-memphis-jasons-deli/ |url-status=live |access-date=2 March 2026 |website=Action 5 News}}</ref> Two days later United States Secret Service got involved and started investigation the attack, later pinpointing the attack originated from Russia using an unknown variation of an older type of malware affecting around 300 customers.<ref>{{Cite web |last=Broach |first=Janice |date=1 September 2010 |title=Secret Service: Computer virus to blame for Jason's Deli thefts |url=https://www.actionnews5.com/story/13076367/secret-service-computer-virus-to-blame-for-jasons-deli-thefts/ |url-status=live |access-date=2 May 2026 |website=Action News 5}}</ref><ref>{{Cite web |date=4 September 2010 |title=Malware used in Jason’s Deli showing up elsewhere |url=https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |url-status=live |archive-url=https://web.archive.org/web/20240712114929/https://databreaches.net/2010/09/04/malware-used-in-jasons-deli-showing-up-elsewhere/ |archive-date=12 July 2024 |access-date=2 May 2026 |website=Databreaches.net}}</ref><ref>{{Cite web |date=8 September 2010 |title=Several ID Thefts At Jason Deli’s Linked To Computer Virus |url=https://www.spamfighter.com/News-15068-Several-ID-Thefts-At-Jason-Delis-Linked-To-Computer-Virus.htm |url-status=live |access-date=2 May 2026 |website=Spamfighter.com}}</ref>
@@ Line 28: / Line 25: @@
 ===Credential surfing attack (''2024'')===
-{{Incomplete section}}
+On 21 December 2023, Jason's Deli discovered unknown hackers had obtained account login credentials using previous data breaches that contained a users name, address, phone number, birthday, preferred Jason's locations, Deli Dollar points, [[wikipedia:PAN_truncation|truncated credit card and gift card numbers]].<ref name=":0">{{Cite web |last=Zurier |first=Steve |date=24 January 2024 |title=Over 340,000 Jason’s Deli customers potentially impacted in credential-stuffing attack |url=https://www.scworld.com/news/over-340000-jasons-deli-customers-potentially-impacted-in-credential-stuffing-attack |url-status=live |access-date=3 May 2026 |website=SCworld}}</ref><ref name=":1">{{Cite web |last=Langley |first=Mitchell |date=24 January 2024 |title=Jason’s Deli Breach Exposes Data of Over 350K Users in Credential Stuffing Attack |url=https://dailysecurityreview.com/security-spotlight/jasons-deli-breach/ |url-status=live |access-date=3 May 2026 |website=Daily Security Review}}</ref> The company would sent a notice letter to affected users on 19 January 2024, <ref>{{Cite web |date=2 March 2026 |title=Notice of Data Breach |url=https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason%27s%20Deli-%20Consumer%20Notice.pdf |url-status=live |archive-url=https://web.archive.org/web/20240202173816/https://consumer.sc.gov/sites/consumer/files/Documents/Security%20Breach%20Notices/Jason's%20Deli-%20Consumer%20Notice.pdf |archive-date=2 February 2024 |access-date=2 May 2026 |website=consumer.sc.gov}}</ref>with the Office of the Maine Attorney General declaring approximately 344,000 people have been affected.<ref name=":0" /><ref name=":1" /> Five days later, Jason's Deli was faced a class action lawsuit over its failure to safeguard and secure users personal information, however it was voluntarily dismissed by plaintiff Kristen Walker 2 months later on 19 March.<ref>{{Cite web |last=Mehorter |first=Kelly |date=31 January 2024 |title=Jason’s Deli Facing Class Action Over 2023 Data Breach Affecting 344K Customers |url=https://www.classaction.org/news/jasons-deli-facing-class-action-over-2023-data-breach-affecting-344k-customers |url-status=live |access-date=3 May 2026 |website=ClassAction}}</ref><ref>{{Cite web |date=1 May 2026 |title=Walker v. Deli Management, Inc. d/b/a Jason's Deli |url=https://www.pacermonitor.com/public/case/52105805/Walker_v_Deli_Management,_Inc_dba_Jasons_Deli |url-status=live |access-date=3 May 2026 |website=Pacermonitor}}</ref>
 ==See also==