Skip to main content

Jimmy John's data breach affects 12 Minnesota stores

  • Author:
  • Updated:

Another data breach, this time at the Jimmy John's sandwich shop chain. The company announced Wednesday that customer credit and debit card information was stolen from approximately 216 of its stores nationwide between June 16 and Sept. 5. Twelve of the affected stores are in Minnesota.

It's the latest in a long string of large retailers who have had their electronic payment systems hacked, and customer date stolen, over the past several months.

Jimmy John's, based in Champaign, Ill., said an intruder stole the log-in credentials from the company's point-of-sale vendor and used that information to remotely access the payment systems at the affected locations. The company said only cards swiped at stores appear to be affected; information customers entered for online transactions is safe.

The hackers could have acquired cardholder names, card numbers, expiration dates and verification codes.

Jimmy John's said it became aware of the problem July 30. The company said it removed the malicious software and will take other steps to prevent more security breaches, including installing encrypted swipe machines, implementing system enhancements, and reviewing policies and procedures for third-party vendors.

Jimmy John's said it doesn't have enough information to contact individual customers who may have been affected, but said it will offer free identity protection services.

Here's a list of the 12 Minnesota stores and dates of the breach, compiled by the Minneapolis-St. Paul Business Journal.

  • Burnsville, 2001 Cliff Road E. Suite 100 (7/1/2014 - 8/1/2014)
  • Detroit Lakes, 147 Veterans Memorial Parkway (7/1/2014 - 8/1/2014)
  • Golden Valley, 8008 Olson Memorial Highway (7/1/2014 - 8/2/2014)
  • Maple Grove, 8099 Wedgewood Lane N. (6/16/2014 - 8/8/2014)
  • Minneapolis, 3001 Hennepin Ave. S. (6/17/2014 - 8/3/2014)
  • Minneapolis, 1 W. Franklin Ave. (7/1/2014 - 7/15/2014)
  • Roseville, 1631 County Road C (6/26/2014 - 8/1/2014)
  • St. Louis Park, 5340 16th St. (6/16/2014 - 8/7/2014)
  • St. Paul, 80 Snelling Ave. N. Suite. C (7/1/2014 - 8/1/2014)
  • St. Paul, 2127 Old Hudson Road (7/1/2014 - 8/3/2014)
  • White Bear Lake, 1048 Meadowlands Drive (7/1/2014 - 8/1/2014)
  • Wilmar, 1017 1st Street (7/1/2014 - 8/1/2014)

Other major retailers including Target, Home Depot, Cub Foods and Dairy Queen have announced similar data breaches that have affected millions of customers nationwide. Jimmy John's did not say whether its attackers used the same type of malware to steal the credit card information.

Next Up


One killed after being trapped under UTV near Alexandria

The Douglas County Sheriff's Office says the victim died at the scene.


What's in the Inflation Reduction Act signed by President Biden?

How the nation's biggest climate law will reduce emissions.

Patrick Henry High School

Patrick Henry High School in Minneapolis will get new name

A school board meeting was held this week, discussing what's next going forward.

Mike Max

Sources: Mike Max is out at WCCO Radio

Max got his start at WCCO Radio in 1998.

Pixabay - emergency room ambulance hospital

Uber passenger dies a week after fiery crash in St. Paul

Her Uber was struck by a suspected drunk-driver.


Target profits plunge as it takes hit from shedding excess goods

The retailer announced earlier this year it would be slashing prices.

police lights

Las Vegas man identified as victim killed near 38th and Chicago

The 25-year-old died at the scene Sunday afternoon.


Beloved Eagan Dairy Queen says goodbye

A summer staple has shuttered in Eagan.

Screen Shot 2022-08-16 at 3.44.22 PM (2)

Bridge damage closes westbound Hwy. 62 between Richfield, Edina

The Minnesota Department of Transportation said bridge maintenance work is in progress.