Company Details
arby's
27,492
64,726
7225
arbys.com
0
ARB_7732512
In-progress

Arby's Company CyberSecurity Posture
Arby’s, founded in 1964, is the second-largest sandwich restaurant brand in the world with more than 3,400 restaurants in seven countries. Arby’s is part of the Inspire Brands family of restaurants. For more information, visit Arbys.com and InspireBrands.com. With the current growth and momentum of the brand, Arby’s is actively seeking new franchisees. To learn more about available markets and requirements, visit ArbysFranchising.com.
Between 750 and 799

Arby's Global Score (TPRM)XXXX

Description: Arby's Restaurant Group, one of the biggest fast-food sandwich companies in the US, acknowledged that thieves had compromised its point-of-sale systems. The company found out in mid-January, when industry partners notified it of the security vulnerability. The corporation says the card breach is only now being made public, in response to a specific request from the FBI. To eliminate the malware, clean up its systems, and investigate the credit card breach, the corporation engaged Mandiant and other security specialists.
Description: The California Office of the Attorney General reported that Jimmy John’s experienced a payment card security incident affecting approximately 216 stores. Unauthorized access occurred from June 16, 2014 to September 5, 2014, compromising credit and debit card data, including card numbers and potentially cardholder names, verification codes, and expiration dates. The report was made on September 24, 2014.
Description: On October 5, 2017, the California Office of the Attorney General reported that Sonic Drive-In experienced a malware attack that compromised credit and debit card numbers at certain locations. No specific number of individuals affected or breach date was provided, and the types of information impacted are limited to card numbers.


No incidents recorded for Arby's in 2025.
Arby's cyber incidents detection timeline including parent company and subsidiaries



Founded in New Orleans in 1972, POPEYES® has more than 45 years of history and culinary tradition. Popeyes distinguishes itself with a unique New Orleans-style menu featuring spicy chicken, chicken tenders, fried shrimp, and other regional items. The chain's passion for its Louisiana heritage and fl

History: *1986: The first Five Guys location opens in Arlington, VA. *1986 - 2001: Five Guys opens five locations around the DC metro-area and perfected their business of making burgers… and starts to build a cult-like following. * 2002: Five Guys decides DC metro-area residents shouldn't be the
Wendy's was founded in 1969 by Dave Thomas in Columbus, Ohio. Dave built his business on the premise, “Quality Is Our Recipe®”, which remains the guidepost of the Wendy's system. Wendy's is best known for its made-to-order square hamburgers, using fresh, never frozen beef*, freshly-prepared salads,

In-N-Out Burger was founded in 1948 by Harry and Esther Snyder in Baldwin Park, California, and remains privately owned and operated. Under the direction of the Snyder family, the company has opened restaurants throughout California, Nevada, Arizona, Utah, Texas, Oregon, Colorado, and Idaho. In-N-

Darden’s family of restaurants features some of the most recognizable and successful brands in full-service dining — Olive Garden, LongHorn Steakhouse, Yard House, Ruth's Chris Steak House, Cheddar’s Scratch Kitchen, The Capital Grille, Chuy's, Seasons 52, Eddie V's and Bahama Breeze. We own and ope

We’re KFC. The iconic, brand making world-famous finger lickin’ good fried chicken since 1952. Our unrivaled people and culture are the true heart and soul of our brand. It’s where our people promise comes to life every day. Where our employees can be their best selves, make a difference, and have f

The year is 1954. Dave and Jim*, two budding entrepreneurs, are on a mission to re-design the perfect broiler, one that will infuse flame-grilled goodness into every burger. And that's how our brand was born. Today the Burger King Corporation, its affiliates and its franchisees collectively operat

Founded by Todd Graves in 1996 in Baton Rouge, La., RAISING CANE'S CHICKEN FINGERS has over 800 restaurants in 41 states, with many new restaurants under construction. The company has ONE LOVE®—craveable chicken finger meals—and is continually recognized for its unique business model and customer sa
THE SANDWICH OF SANDWICHES℠ At Jimmy John's, we don't make sandwiches. We make The Sandwich of Sandwiches℠. We use fresh vegetables because we don't hate salads, we just feel bad for them. We hand-slice our provolone cheese and meats in-house every day, because packaged pre-sliced meats doesn't ha
Data breaches at fast food chains Arby's and McDonald's Canada were among the prominent brands hit by data breaches during the first three...
CINCINNATI (WKRC/CBS Newspath) - Arby's is giving a playful twist to New Year's resolutions with its "New Year Same You" menu, available for...
The fairways were full at Kenmure Country Club on Monday, Sept. 9, with people taking part in the 22nd annual Arby's Mountain Child Advocacy...
Lawrence Longo, who's rapidly expanding Prince Street Pizza in California and beyond, will open the pop-up slice shop in August.
The star of “Twin Peaks”, “Dune” and “Blue Velvet” is back in the pop culture conversation big time with a new ad campaign for the fast food...
A former Arby's employee filed a class action lawsuit against the company over a data breach of the personal information of former and current employees.
DRM, a family owned and operated company has recently been under attack from a ransomware group. With 73 restaurants potentially compromised...
The owner of 121 Arby's restaurants in the Midwest faces a proposed class action alleging negligence and the invasion of privacy of...
Arby's Smoked Bourbon was created in partnership with Ohio-based craft distillery Brain Brew and inspired by the chain's smoked brisket...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Arby's is http://www.arbys.com.
According to Rankiteo, Arby's AI-generated cybersecurity score is 779, reflecting a Fair security posture.
According to Rankiteo, Arby's currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Arby's is not certified under SOC 2 Type 1.
According to Rankiteo, Arby's does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Arby's is not listed as GDPR compliant.
According to Rankiteo, Arby's does not currently maintain PCI DSS compliance.
According to Rankiteo, Arby's is not compliant with HIPAA regulations.
According to Rankiteo, Arby's is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Arby's operates primarily in the Restaurants industry.
Arby's employs approximately 27,492 people worldwide.
Arby's presently has no subsidiaries across any sectors.
Arby's official LinkedIn profile has approximately 64,726 followers.
Arby's is classified under the NAICS code 7225, which corresponds to Restaurants and Other Eating Places.
No, Arby's does not have a profile on Crunchbase.
Yes, Arby's maintains an official LinkedIn profile, actively used for branding and talent engagement, at https://www.linkedin.com/company/arby's.
As of December 11, 2025, Rankiteo reports that Arby's has experienced 3 cybersecurity incidents.
Arby's has an estimated 4,851 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Breach.
Detection and Response: The company detects and responds to cybersecurity incidents through third-party assistance from Mandiant and other security specialists, notification of law enforcement (FBI), and containment measures (eliminating malware and cleaning up systems).
Title: Arby's Point-of-Sale Systems Compromised
Description: Thieves compromised the point-of-sale systems of Arby's Restaurant Group, one of the biggest fast-food sandwich companies in the US.
Date Detected: mid-January
Type: Data Breach
Attack Vector: Point-of-Sale Systems
Threat Actor: Thieves
Motivation: Financial Gain
Title: Jimmy John's Payment Card Security Incident
Description: Unauthorized access to payment card data affecting approximately 216 stores.
Date Detected: 2014-09-24
Date Publicly Disclosed: 2014-09-24
Type: Data Breach
Attack Vector: Unauthorized Access
Title: Sonic Drive-In Malware Attack
Description: On October 5, 2017, the California Office of the Attorney General reported that Sonic Drive-In experienced a malware attack that compromised credit and debit card numbers at certain locations.
Date Detected: 2017-10-05
Date Publicly Disclosed: 2017-10-05
Type: Malware Attack
Attack Vector: Malware
Common Attack Types: The most common type of attack the company has faced is Cyber Attack.
Identification of Attack Vectors: The attack vector identified in incidents is Point-of-Sale Systems.

Data Compromised: Credit card information
Systems Affected: Point-of-Sale Systems
Payment Information Risk: High

Data Compromised: Credit and debit card data, Card numbers, Cardholder names, Verification codes, Expiration dates
Payment Information Risk: High

Data Compromised: Credit and debit card numbers
Payment Information Risk: True
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Credit Card Information, Credit and Debit Card Data, Card Numbers, Cardholder Names, Verification Codes, Expiration Dates, and Credit and Debit Card Numbers.

Entity Name: Arby's Restaurant Group
Entity Type: Fast-Food Sandwich Company
Industry: Food and Beverage
Location: US
Size: Large

Entity Name: Jimmy John's
Entity Type: Restaurant Chain
Industry: Food and Beverage
Location: Multiple
Size: Approximately 216 stores

Entity Name: Sonic Drive-In
Entity Type: Restaurant Chain
Industry: Food and Beverage
Location: Certain locations

Third Party Assistance: Mandiant, Other Security Specialists.
Law Enforcement Notified: FBI
Containment Measures: Eliminate Malware, Clean Up Systems
Third-Party Assistance: The company involves third-party assistance in incident response through Mandiant and other security specialists.

Type of Data Compromised: Credit card information
Sensitivity of Data: High

Type of Data Compromised: Credit and debit card data, Card numbers, Cardholder names, Verification codes, Expiration dates
Sensitivity of Data: High
Personally Identifiable Information: Cardholder names

Type of Data Compromised: Credit and debit card numbers
Sensitivity of Data: High
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) by eliminating malware and cleaning up systems.

Source: Cyber Incident Description

Source: California Office of the Attorney General
Date Accessed: 2014-09-24

Source: California Office of the Attorney General
Date Accessed: 2017-10-05
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at: Cyber Incident Description; California Office of the Attorney General (accessed 2014-09-24); and California Office of the Attorney General (accessed 2017-10-05).

Investigation Status: Ongoing

Entry Point: Point-of-Sale Systems
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Mandiant and other security specialists.
Last Attacking Group: The attacking group in the last incident was Thieves.
Most Recent Incident Detected: The most recent incident detected was in mid-January.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2017-10-05.
Most Significant Data Compromised: The most significant data compromised in an incident were Credit Card Information, Credit and debit card data, Card numbers, Cardholder names, Verification codes, Expiration dates, and Credit and debit card numbers.
Most Significant System Affected: The most significant system affected in an incident was Point-of-Sale Systems.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Mandiant and other security specialists.
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Eliminate Malware and Clean Up Systems.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Credit Card Information, Card numbers, Credit and debit card data, Cardholder names, Expiration dates, Verification codes and Credit and debit card numbers.
Most Recent Source: The most recent sources of information about an incident are Cyber Incident Description and California Office of the Attorney General.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Most Recent Entry Point: The most recent entry point used by an initial access broker was Point-of-Sale Systems.
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying); however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
