On October 5, 2017, the California Office of the Attorney General reported that Sonic Drive-In experienced a malware attack that compromised credit and debit card numbers at certain locations. No specific number of individuals affected or breach date was provided, and the types of information impacted are limited to card numbers.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-102440
TPRM report: https://www.rankiteo.com/company/sonic-drive-in
"id": "son903072625",
"linkid": "sonic-drive-in",
"type": "Cyber Attack",
"date": "10/2017",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Food and Beverage',
'location': 'Certain locations',
'name': 'Sonic Drive-In',
'type': 'Restaurant Chain'}],
'attack_vector': 'Malware',
'data_breach': {'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Credit and debit card numbers']},
'date_detected': '2017-10-05',
'date_publicly_disclosed': '2017-10-05',
'description': 'On October 5, 2017, the California Office of the Attorney '
'General reported that Sonic Drive-In experienced a malware '
'attack that compromised credit and debit card numbers at '
'certain locations.',
'impact': {'data_compromised': ['Credit and debit card numbers'],
'payment_information_risk': True},
'references': [{'date_accessed': '2017-10-05',
'source': 'California Office of the Attorney General'}],
'title': 'Sonic Drive-In Malware Attack',
'type': 'Malware Attack'}