Jason’s Deli, which has over 275 locations in 28 states, released a breach notice regarding a security incident that occurred in a few of their locations affecting over two million customers. The initial investigation into the incident revealed that malicious actors installed RAM-malware onto the company’s point-of-sale terminals on June 8, 2017. According to the notice, the stolen data includes cardholder names, payment card numbers, expiration dates, cardholder verification values (CVVs), and service codes. The notice also contains a list of impacted and potentially impacted stores. The NJCCIC recommends patrons who made purchases at impacted or potentially impacted Jason’s Deli locations closely monitor their financial accounts and immediately report any fraudulent activity to their financial institutions.