Daniel Acker | Bloomberg | Getty Images
An employee delivers food at a Sonic drive-in restaurant in Normal, Illinois.
Shares of burger chain Sonic fell nearly 2 percent on Wednesday, after the company confirmed that it had been the victim of a data breach and offered customers identity theft protection.
The company said that credit and debit card numbers may have been acquired as part of a malware attack at some Sonic locations. The company did not disclose which locations or the specific time frame of the incident.
The data breach was first reported by Krebs on Security and The Wall Street Journal last week. At that time, the Associated Press reported that the company has seen some “unusual activity” on credit cards at some of their restaurants.
Sonic said it will offer customers who used their cards at its locations this year 24 months of free fraud detection and identity theft protection through Experian’s IdentityWorks program.
It is unclear how many customers were affected by this breach.