Skip to main content

Jimmy John's data breach affects 12 Minnesota stores

  • Author:
  • Updated:

Another data breach, this time at the Jimmy John's sandwich shop chain. The company announced Wednesday that customer credit and debit card information was stolen from approximately 216 of its stores nationwide between June 16 and Sept. 5. Twelve of the affected stores are in Minnesota.

It's the latest in a long string of large retailers who have had their electronic payment systems hacked, and customer date stolen, over the past several months.

Jimmy John's, based in Champaign, Ill., said an intruder stole the log-in credentials from the company's point-of-sale vendor and used that information to remotely access the payment systems at the affected locations. The company said only cards swiped at stores appear to be affected; information customers entered for online transactions is safe.

The hackers could have acquired cardholder names, card numbers, expiration dates and verification codes.

Jimmy John's said it became aware of the problem July 30. The company said it removed the malicious software and will take other steps to prevent more security breaches, including installing encrypted swipe machines, implementing system enhancements, and reviewing policies and procedures for third-party vendors.

Jimmy John's said it doesn't have enough information to contact individual customers who may have been affected, but said it will offer free identity protection services.

Here's a list of the 12 Minnesota stores and dates of the breach, compiled by the Minneapolis-St. Paul Business Journal.

  • Burnsville, 2001 Cliff Road E. Suite 100 (7/1/2014 - 8/1/2014)
  • Detroit Lakes, 147 Veterans Memorial Parkway (7/1/2014 - 8/1/2014)
  • Golden Valley, 8008 Olson Memorial Highway (7/1/2014 - 8/2/2014)
  • Maple Grove, 8099 Wedgewood Lane N. (6/16/2014 - 8/8/2014)
  • Minneapolis, 3001 Hennepin Ave. S. (6/17/2014 - 8/3/2014)
  • Minneapolis, 1 W. Franklin Ave. (7/1/2014 - 7/15/2014)
  • Roseville, 1631 County Road C (6/26/2014 - 8/1/2014)
  • St. Louis Park, 5340 16th St. (6/16/2014 - 8/7/2014)
  • St. Paul, 80 Snelling Ave. N. Suite. C (7/1/2014 - 8/1/2014)
  • St. Paul, 2127 Old Hudson Road (7/1/2014 - 8/3/2014)
  • White Bear Lake, 1048 Meadowlands Drive (7/1/2014 - 8/1/2014)
  • Wilmar, 1017 1st Street (7/1/2014 - 8/1/2014)

Other major retailers including Target, Home Depot, Cub Foods and Dairy Queen have announced similar data breaches that have affected millions of customers nationwide. Jimmy John's did not say whether its attackers used the same type of malware to steal the credit card information.

Next Up

Screen Shot 2022-01-17 at 9.39.38 PM

Jordan Greenway runs into Darcy Kuemper, sparks fight

Kuemper got knocked out of the game, leading to the brawl.

Kirill Kaprizov

MacKinnon's controversial goal helps Avalanche top Wild

Kirill Kaprizov's two goals were spoiled by a questionable call.

powell itasca jail jan 2022 resize

Attorney accused of sex assault misses hearing, DMs judge

He was arrested the next day after a warrant was issued,

lorie shaull vulcan snow park st paul winter carnival 2018

Winter Carnival: Get vaccinated or test negative before coming

Organizers are also reminding people to be mindful of the city's emergency regulations.

hospital, emergency room

Driver, 15 years old, hurt when car collides with SUV

The road was wet at the time, the State Patrol said.

Tyler Wahl

Minnesotans have the Badgers back in the national spotlight

Three of Wisconsin's four leading scorers are from Minnesota.

Francisco Liriano

Liriano retires: Remembering his meteoric rise as a rookie

There was no one better than Liriano from mid-May to late-July in 2006.