Cyber Security journalist Brian Krebs first reported the breach, in which hackers gained credit card information for as many as 355,000 customers.
The information was gained after the hackers installed malware on the payment systems in hundreds of corporate-owned Arby’s locations. Franchise locations were not accepted.
Although the breach was discovered in January, the chain had not yet made the news public—at the FBI’s request, a spokesman told Krebs.
Arby’s told reporters that it has fixed the malware problem. In a statement, the company explained how it handled the breach: