Arby’s Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating DRM Inc., which does business as Arby’s, regarding its recent data breach. The Arby’s data breach involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.

ABOUT DRM INC. D/B/A ARBY’S:

Arby’s is a sandwich restaurant franchise based in Georgia. Founded in 1964, Arby’s offers a variety of sandwich options and high-quality proteins in addition to various sides, such as Curly Fries and Jamocha shakes.² Today, Arby’s restaurant services feature a unique blend of quick-serve speed combined with the quality and made-for-you care of fast casual.² Headquartered in Atlanta, Georgia, Arby’s has more than 3,500 locations across nine countries and employs over 10,000 individuals.

WHAT HAPPENED?

Recently, Arby’s discovered that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed. Through its investigation, Arby’s determined that an unauthorized actor may have accessed this sensitive information on March 12, 2024. On April 17, 2024, Arby’s began notifying individuals whose information may have been impacted.  The type of information potentially exposed includes:

• Name
• Social Security number
• Driver’s license or passport information
• Workers compensation information (e.g., medical information)