On December 29, 2022, Five Guys Enterprises, LLC filed notice of a data breach with the various attorney general offices across the country after learning about a cyberattack that compromised confidential information related to individuals who applied to work for the company. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to job applicants’ full names, Social Security numbers, driver’s license numbers and financial account information. After confirming that consumer data was leaked, Five Guys began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
As one of the fastest-growing restaurant chains in the United States, Five Guys undoubtedly has the resources to protect the sensitive consumer information in its possession. However, news of the Five Guys data breach is causing many to call the company’s commitment to data privacy into question. Regardless, those whose information was leaked in the recent breach now face an increased risk of identity theft and other frauds. As we’ve discussed in prior posts, large companies like Five Guys might be able to be held financially liable for victim’s harm if there is evidence suggesting that the company’s negligence contributed to the breach.
What We Know So Far About the Five Guys Breach
Information about the Five Guys breach comes from the company’s filings with the several attorney general offices, including in Texas, Massachusetts and Montana. According to these sources, on September 17, 2022, Five Guys learned that an unauthorized party may have gained access to its computer system; however, the company provided no details about how the breach occurred. In response, Five Guys took the necessary steps to secure its servers, reported the incident to law enforcement, and then began working with a cybersecurity firm that regularly helps companies learn more about data breaches after they occur.
The company’s investigation confirmed that an unauthorized party was able to access its computer system. Upon further investigation, Five Guys was able to determine that some of the compromised files contained sensitive information belonging to individuals who had previously applied for a job with the company.
Upon discovering that sensitive consumer data was made available to an unauthorized party, Five Guys began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your full name, Social Security number, driver’s license number and financial account information.
On December 29, 2022, Five Guys sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. While we still don’t know the total number of people who were affected by the Five Guys data breach, the Texas Attorney General reports that there were 3,548 victims in that state alone.
More Information About Five Guys Enterprises, LLC
Founded in 1986, Five Guys Enterprises, LLC is a fast-food chain based out of Lorton, Virginia. In 2001, Five Guys began its franchising operation, which resulted in the number of restaurants increasing from five to more than 1,700 in 2016, making it the fastest-growing fast-food chain in the United States. Five Guys serves a limited menu compared to many other fast-food establishments, focusing on hamburgers, hot dogs and French fries. Five Guys employs more than 5,000 people and generates approximately $544 million in annual revenue.