Caribou Coffee is alerting customers that their payment card information may have been accessed during a data breach.
The breach impacts more than 200 Caribou Coffee stores in Minnesota, in addition to some locations in Iowa, South Dakota, North Dakota, Wisconsin, Colorado, Georgia, Kansas, Florida, Missouri and North Carolina.
The Minneapolis-based coffee company says it learned of the breach on Nov. 28 and has since been working with a cyber security firm to better understand the scope of the attack, but unauthorized access to point of sale systems was detected, "exposing some of our customers' data."
The breach has been contained, Caribou says, but anyone who made an electronic purchase at Caribou between Aug. 28, 2018 and Dec. 3, 2018 could've had payment information stolen.
"There is a possibility that your name and credit card information, including card number, expiration date and card security code may have been accessed as a result of this unauthorized activity," Caribou says.
Caribou Coffee Perks account or other loyalty accounts were not part of the breach.
Caribou is advising customers who visited any of the affected locations to check bank statements for any unauthorized purchases.
"If you think you have been affected, please contact your debit or credit card company to report the potential unauthorized activity," says Caribou. "We also encourage customers to remain vigilant by reviewing your account statements as well as your credit report for any unauthorized activity."
By our count, 213 Minnesota locations are part of the security issue. You can see the full list at this link.