Arby's
Company Details
Linkedin ID:
arby's
Website:
Employees number:
27,492
Number of followers:
64,726
NAICS:
7225
Industry Type:
Homepage:
arbys.com
IP Addresses:
0
Company ID:
ARB_7732512
Scan Status:
In-progress
Arby's Company CyberSecurity Posture
arbys.com
Arby’s, founded in 1964, is the second-largest sandwich restaurant brand in the world with more than 3,400 restaurants in seven countries. Arby’s is part of the Inspire Brands family of restaurants. For more information, visit Arbys.com and InspireBrands.com With the current growth and momentum of the brand, Arby’s is actively seeking new franchisees. To learn more about available markets and requirements, visit ArbysFranchising.com
Arby's A.I CyberSecurity Scoring
Arby's Risk Score (AI oriented)Between 750 and 799
Arby's
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Arby's Global Score (TPRM)XXXX
Arby's
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Arby's Company CyberSecurity News & History
Past Incidents
3
Attack Types
2
SONIC Corp.
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: On October 5, 2017, the California Office of the Attorney General reported that Sonic Drive-In experienced a malware attack that compromised credit and debit card numbers at certain locations. No specific number of individuals affected or breach date was provided, and the types of information impacted are limited to card numbers.
Arby's
Breach
Rankiteo Explanation
Loss of bank statements, self-assessment details, and other people's National Insurance numbers
Description: As one of the biggest fast-food sandwich companies in the US, Arby's Restaurant Group acknowledged that thieves had compromised its point-of-sale systems. When industry partners notified Arby's Restaurants of the security vulnerability, the company found out in mid-January. The corporation claims that only now, in response to a specific request from the FBI, has the card hack been made public. In order to eliminate malware, clean up its systems, and look into the credit card hack, the corporation engaged Mandiant and other security specialists.
Jimmy John's Franchises LLC
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported that Jimmy John’s experienced a payment card security incident affecting approximately 216 stores. Unauthorized access occurred from June 16, 2014 to September 5, 2014, compromising credit and debit card data, including card numbers and potentially cardholder names, verification codes, and expiration dates. The report was made on September 24, 2014.
Arby's Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Arby's
Incidents vs Restaurants Industry Average (This Year)
No incidents recorded for Arby's in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Arby's in 2026.
Incident Types Arby's vs Restaurants Industry Avg (This Year)
No incidents recorded for Arby's in 2026.
Incident History — Arby's (X = Date, Y = Severity)
Arby's cyber incidents detection timeline including parent company and subsidiaries
Arby's Company Subsidiaries
Arby’s, founded in 1964, is the second-largest sandwich restaurant brand in the world with more than 3,400 restaurants in seven countries. Arby’s is part of the Inspire Brands family of restaurants. For more information, visit Arbys.com and InspireBrands.com With the current growth and momentum of the brand, Arby’s is actively seeking new franchisees. To learn more about available markets and requirements, visit ArbysFranchising.com
Loading...
Arby's Similar Companies
With over 30,000 employees and more than 500 restaurants in the United States and Canada, Red Lobster is the world’s largest seafood restaurant company. Our vision is to be where the world goes for seafood now and for generations. Red Lobster is an innovative, values-based company that focuses on
Sure, we’re The Wing Experts, but it’s our flavor that defines us. You taste it in our 12 signature sauces, you see it through our bold TV commercials, and you feel it when you walk through our doors. It’s what we like to call a flavor experience, and since the opening of our first restaurant in 199
Popeyes Louisiana Kitchen
Founded in New Orleans in 1972, POPEYES® has more than 45 years of history and culinary tradition. Popeyes distinguishes itself with a unique New Orleans-style menu featuring spicy chicken, chicken tenders, fried shrimp, and other regional items. The chain's passion for its Louisiana heritage and fl
Jersey Mike's Subs
Jersey Mike’s, a fast-casual sub sandwich franchise with more than 3,000 locations open nationwide, believes that making a sub sandwich and making a difference can be one and the same. Jersey Mike’s offers A Sub Above®, serving authentic fresh sliced subs and authentic Philly cheesesteaks grilled t
Taco Bell
Taco Bell was born and raised in California and has been around since 1962. We went from selling everyone’s favorite Crunchy Tacos on the West Coast to a global brand with 8,200+ restaurants, 350 franchise organizations, that serve 42+ million fans each week around the globe. We’re not only the larg
History: *1986: The first Five Guys location opens in Arlington, VA. *1986 - 2001: Five Guys opens five locations around the DC metro-area and perfected their business of making burgers… and starts to build a cult-like following. * 2002: Five Guys decides DC metro-area residents shouldn't be the
Darden
Darden’s family of restaurants features some of the most recognizable and successful brands in full-service dining — Olive Garden, LongHorn Steakhouse, Yard House, Ruth's Chris Steak House, Cheddar’s Scratch Kitchen, The Capital Grille, Chuy's, Seasons 52, Eddie V's and Bahama Breeze. We own and ope
ZAMP
Somos um grande ecossistema de restaurantes que reúne marcas internacionais como Burger King®, Popeyes®, Starbucks® e Subway®. E, por trás de cada receita de sucesso, estão os Zampers: gente que faz acontecer, que joga junto e que deixa sua marca todos os dias. Aqui, a gente acredita que o verdad
Chili's
Chili's opened as a fun Dallas burger joint with a loyalty to happy hour and blue jeans. We prided ourselves on our humble beginnings, following a devotion to great food, warm hospitality and community spirit. Today, with restaurants all over the world, we continue to cook up the best in casual fare
.png)
Arby's CyberSecurity News
May 09, 2025 07:00 AM
Arby’s Taps Anthony Anderson and Cedric The Entertainer for a Saucy New BBQ Campaign
Arby's teams comedy royalty with smoky BBQ vibes—Anthony & Cedric bring the laughs (and flavor).
May 10, 2024 04:48 PM
Arby’s franchise class action claims data breach exposed employees info
A former Arby's employee filed a class action lawsuit against the company over a data breach of the personal information of former and current employees.
May 02, 2024 07:00 AM
Arby’s Midwest Chain Hit With Employee Data Breach Class Action
The owner of 121 Arby's restaurants in the Midwest faces a proposed class action alleging negligence and the invasion of privacy of...
October 03, 2018 07:00 AM
Burgerville Hit By Massive Cybersecurity Breach, Class-Action Lawsuit
UPDATE (Oct. 3, 5:27 p.m. PT) — Burgerville says it has discovered a "sophisticated" cybersecurity breach that may have affected customers who paid with a...
August 22, 2018 07:00 AM
If you shopped at these 16 stores in the last year, your data might have been stolen
Data breaches continue to be a threat to consumers. Many companies were hacked and likely had information stolen from them since January...
August 01, 2018 07:00 AM
How Cyber Crime Group FIN7 Attacked and Stole Data from Hundreds of U.S. Companies
FIN7 members engaged in a highly sophisticated malware campaign targeting more than 100 US companies, predominantly in the restaurant, gaming, and hospitality...
February 12, 2017 08:00 AM
Do you eat at Arby’s? Restaurant looking into possible data breach
Arby's is reportedly investigating a major data breach that could impact more than 350,000 credit and debit cards used at the chain...
February 10, 2017 08:00 AM
Been to Arby’s Lately? Check Your Bank Statements
The fast-food chain had fallen victim to a massive credit card data breach, and now it's been hit with eight different lawsuits from banks, credit unions, and...
February 09, 2017 08:00 AM
Fast Food Chain Arby’s Acknowledges Breach
Arby's told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of its restaurant...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Arby's CyberSecurity History Information
Official Website of Arby's
The official website of Arby's is http://www.arbys.com.
Arby's’s AI-Generated Cybersecurity Score
According to Rankiteo, Arby's’s AI-generated cybersecurity score is 779, reflecting their Fair security posture.
How many security badges does Arby's’ have ?
According to Rankiteo, Arby's currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Arby's been affected by any supply chain cyber incidents ?
According to Rankiteo, Arby's has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Arby's have SOC 2 Type 1 certification ?
According to Rankiteo, Arby's is not certified under SOC 2 Type 1.
Does Arby's have SOC 2 Type 2 certification ?
According to Rankiteo, Arby's does not hold a SOC 2 Type 2 certification.
Does Arby's comply with GDPR ?
According to Rankiteo, Arby's is not listed as GDPR compliant.
Does Arby's have PCI DSS certification ?
According to Rankiteo, Arby's does not currently maintain PCI DSS compliance.
Does Arby's comply with HIPAA ?
According to Rankiteo, Arby's is not compliant with HIPAA regulations.
Does Arby's have ISO 27001 certification ?
According to Rankiteo,Arby's is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Arby's
Arby's operates primarily in the Restaurants industry.
Number of Employees at Arby's
Arby's employs approximately 27,492 people worldwide.
Subsidiaries Owned by Arby's
Arby's presently has no subsidiaries across any sectors.
Arby's’s LinkedIn Followers
Arby's’s official LinkedIn profile has approximately 64,726 followers.
NAICS Classification of Arby's
Arby's is classified under the NAICS code 7225, which corresponds to Restaurants and Other Eating Places.
Arby's’s Presence on Crunchbase
No, Arby's does not have a profile on Crunchbase.
Arby's’s Presence on LinkedIn
Yes, Arby's maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/arby's.
Cybersecurity Incidents Involving Arby's
As of January 21, 2026, Rankiteo reports that Arby's has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Arby's has an estimated 4,880 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Arby's ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.
How does Arby's detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with mandiant, third party assistance with other security specialists, and law enforcement notified with fbi, and containment measures with eliminate malware, containment measures with clean up systems..
Incident Details
Can you provide details on each incident ?
Title: Arby's Point-of-Sale Systems Compromised
Description: Thieves compromised the point-of-sale systems of Arby's Restaurant Group, one of the biggest fast-food sandwich companies in the US.
Date Detected: mid-January
Type: Data Breach
Attack Vector: Point-of-Sale Systems
Threat Actor: Thieves
Motivation: Financial Gain
Title: Jimmy John's Payment Card Security Incident
Description: Unauthorized access to payment card data affecting approximately 216 stores.
Date Detected: 2014-09-24
Date Publicly Disclosed: 2014-09-24
Type: Data Breach
Attack Vector: Unauthorized Access
Title: Sonic Drive-In Malware Attack
Description: On October 5, 2017, the California Office of the Attorney General reported that Sonic Drive-In experienced a malware attack that compromised credit and debit card numbers at certain locations.
Date Detected: 2017-10-05
Date Publicly Disclosed: 2017-10-05
Type: Malware Attack
Attack Vector: Malware
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Point-of-Sale Systems.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ARB525191123
Data Compromised: Credit card information
Systems Affected: Point-of-Sale Systems
Payment Information Risk: High
Incident : Data Breach JIM204072525
Data Compromised: Credit and debit card data, Card numbers, Cardholder names, Verification codes, Expiration dates
Payment Information Risk: High
Incident : Malware Attack SON903072625
Data Compromised: Credit and debit card numbers
Payment Information Risk: True
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Credit Card Information, , Credit And Debit Card Data, Card Numbers, Cardholder Names, Verification Codes, Expiration Dates, , Credit And Debit Card Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach ARB525191123
Entity Name: Arby's Restaurant Group
Entity Type: Fast-Food Sandwich Company
Industry: Food and Beverage
Location: US
Size: Large
Incident : Data Breach JIM204072525
Entity Name: Jimmy John's
Entity Type: Restaurant Chain
Industry: Food and Beverage
Location: Multiple
Size: Approximately 216 stores
Incident : Malware Attack SON903072625
Entity Name: Sonic Drive-In
Entity Type: Restaurant Chain
Industry: Food and Beverage
Location: Certain locations
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach ARB525191123
Third Party Assistance: Mandiant, Other Security Specialists.
Law Enforcement Notified: FBI,
Containment Measures: Eliminate MalwareClean Up Systems
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Mandiant, Other Security Specialists, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ARB525191123
Type of Data Compromised: Credit card information
Sensitivity of Data: High
Incident : Data Breach JIM204072525
Type of Data Compromised: Credit and debit card data, Card numbers, Cardholder names, Verification codes, Expiration dates
Sensitivity of Data: High
Personally Identifiable Information: Cardholder names
Incident : Malware Attack SON903072625
Type of Data Compromised: Credit and debit card numbers
Sensitivity of Data: High
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by eliminate malware, clean up systems and .
References
Where can I find more information about each incident ?
Incident : Data Breach ARB525191123
Source: Cyber Incident Description
Incident : Data Breach JIM204072525
Source: California Office of the Attorney General
Date Accessed: 2014-09-24
Incident : Malware Attack SON903072625
Source: California Office of the Attorney General
Date Accessed: 2017-10-05
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Cyber Incident Description, and Source: California Office of the Attorney GeneralDate Accessed: 2014-09-24, and Source: California Office of the Attorney GeneralDate Accessed: 2017-10-05.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach ARB525191123
Investigation Status: Ongoing
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach ARB525191123
Entry Point: Point-of-Sale Systems
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Mandiant, Other Security Specialists, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Thieves.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on mid-January.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2017-10-05.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Credit Card Information, , Credit and debit card data, Card numbers, Cardholder names, Verification codes, Expiration dates, , Credit and debit card numbers and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Point-of-Sale Systems.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was mandiant, other security specialists, .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Eliminate MalwareClean Up Systems.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Verification codes, Credit Card Information, Cardholder names, Expiration dates, Credit and debit card data, Card numbers and Credit and debit card numbers.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Cyber Incident Description and California Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Point-of-Sale Systems.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=arby's' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
