Jimmy John's investigating data breach

Sandwich chain Jimmy John's is the likely victim of the latest retail data breach.

Several financial institutions have informed Krebs on Security blogger Brian Krebs that they are seeing fraud on cards that were recently used at Jimmy John's locations.

Jimmy John's has not released a statement or confirmed the reports, but a spokesperson sent an emailed statement saying only, "Jimmy John's is currently working with the proper authorities and investigating the situation. We will provide an update as soon as we have additional information."

The activity is "card-present" fraud, with counterfeit cards created from stolen credit card information and sold on the black market. Restaurant chain P.F. Chang's suffered a similar breach in June.

POS systems continue to serve as the point of entry for cyber criminals. EMV, or chip-and-PIN, implementation is imminent, but many argue that end-to-end-encryption is needed to more fully combat these types of attacks.

And retailers are still woefully unprepared for data breaches, even though the number of attacks keeps climbing. According to a recent study by the Ponemon Institute, 72 percent of IT executives say their companies suffered a data breach in the past 12 months but only 51 percent say securing confidential data is a high priority.

For more:
-See this Krebs on Security story
-See this Ponemon Institute statement

Related stories:
PF Chang's issues security update
Retailers still unprepared for security breaches
Domino's Pizza data hackers demand ransom
How to prevent Target-like data breaches
Will PF Chang's data breach speed EMV?