Statement of Jason's Deli Regarding Customer Financial Data

Jason’s Deli ( is a family owned business known for high-quality food and catering services for over 40 years. It is headquartered in Texas and operates or franchises 266 restaurants in 28 states, with a reputation for award-winning quality and a strong relationship with our customers.

On Friday, Dec. 22, 2017, our company was notified by payment processors – the organizations that manage the electronic connections between Jason’s Deli locations and payment card issuers – that MasterCard security personnel had informed it that a large quantity of payment card information had appeared for sale on the “dark web,” and that an analysis of the data indicated that at least a portion of the data may have come from various Jason’s Deli locations.

Jason’s Deli’s management immediately activated our response plan, including engagement of a leading threat response team, involvement of other forensic experts, and cooperation with law enforcement. Among the questions that investigators are working to determine is whether in fact a breach took place, and if so, to determine its scope, the method employed, and whether there is any continuing breach or vulnerability.

The investigation is in its early stages and, as is typical in such situations, we expect it will take some time to determine exactly what happened. Jason’s Deli will provide as much information as possible as the inquiry progresses, bearing in mind that security and law enforcement considerations may limit the amount of detail we can provide.

In the meantime, customers should monitor their payment card accounts carefully and report any suspicious activity to their card issuer. Customers or financial institutions with any questions should contact or 409-838-1976.

Jason’s Deli recognizes that the security of credit and debit card transactions is of the utmost importance to our customers. We have, over the years, continually reviewed and periodically strengthened our security systems, as have other retailers, to meet the constant challenge of sophisticated criminal activity. We will continue that process, and will carefully consider whatever further changes may be appropriate after a thorough forensic review of this event and our payment security systems.

We appreciate the dedication of our employees and others who are working during their Christmas break to respond to this matter and protect our customers, and we thank them and their families for their sacrifice. Most importantly, we appreciate the trust our customers place in us, and we regret any inconvenience that some may experience, especially during the holidays. Thank you for your support and understanding.



When did the breach occur?

We were notified on Friday, December 22, 2017 of a possible breach of payment card information. We are investigating whether a breach occurred and, if so, its scope and duration.


Do you know when it began? Ended?

We are currently investigating whether a breach in fact occurred and, if so, its scope and duration. We have engaged leading experts in forensics and cyber security, and are working with law enforcement.


How many customers were affected?

The batch of card numbers reported to have appeared for sale on the dark web likely included information stolen from multiple retailers. The forensic analysis is attempting to determine which, if any, are traceable to Jason’s Deli and how many of our customers may have been affected.


How many Jason’s Deli locations appear to be involved?

The forensic analysis is working to determine this. Preliminary information indicates some but not all locations.


Have you received any reports of improper payment card activity or identity theft resulting from the breach?

The privacy and security of our customers’ financial information is of the utmost importance to us. We have not received any such reports and will be monitoring the situation closely. We encourage customers and financial institutions to contact us with any such information.


What should customers do who are concerned their information may have been included?

Customers should monitor their payment card accounts carefully, and if they find any suspicious activity should immediately contact their payment card issuer. In addition, customers or financial institutions with any questions should contact us at or 409-838-1976.


Will you be making more information available?

We will make as much information available as quickly as we can through our website and on social media, though please understand that security and law enforcement considerations may limit the amount of detail we can provide as the inquiry progresses.