Data breach at Sonic Drive-In may have impacted millions of credit, debit cards

OKLAHOMA CITY - The Oklahoma City-based chain Sonic confirmed a possible data breach involving credit cards.

"The thing about these data breaches is they're not stopping. We're just going to continue to see them going on into the future," said Kit Letcher with the Better Business Bureau.

Sonic released a statement, saying:

"Our credit card processor informed us last week of unusual activity regarding credit cards used at SONIC. The security of our guests’ information is very important to SONIC. We are working to understand the nature and scope of this issue, as we know how important this is to our guests. We immediately engaged third-party forensic experts and law enforcement when we heard from our processor. While law enforcement limits the information we can share, we will communicate additional information as we are able.​"

KrebsOnSecurity, a security news website, reported the possible breach could have led to what they're calling an online "fire sale" involving a long list of stolen credit and debit cards.

It's called The Joker Stash and lists millions of cards for sale, many of which had been recently used at Sonic.

"What's really scary about it is who's going to take advantage of that and how many times over is your credit card information going to be sold," Letcher said. "What we need to do as consumers is really safeguard our information, and making sure that we are doing our due diligence and making sure that everything that we're paying is actually an expense that we incur."

If you feel you've been a victim of a scam, the BBB has a scam tracker on their website.