If you’ve eaten at Cicis in the past year, a data breach may have put your personal information at risk.

According to the pizza buffet chain, the investigation began in March when several locations said their Point of Sale (POS) systems weren’t working properly. The POS vendor then discovered malware on the POS software at some restaurants.

RELATED: Check your accounts — these Wendy’s restaurants were hit by a card hack

A forensic firm hired by Cicis recently confirmed that a hacker used a malicious software program to gain access to the POS system used by some restaurant locations.

As a result, Cicis says payment card information may have been compromised. The company says most of the intrusions began in March of this year and the threats were eliminated through July. However, a small percentage of restaurants had intrusions dating back to 2015.

Cicis has provided a full list of the 130+ affected restaurant locations and the dates of potential vulnerability. The locations are in these 17 states:

  1. Alabama
  2. Arkansas
  3. Florida
  4. Georgia
  5. Kentucky
  6. Louisiana
  7. Maryland
  8. Missouri
  9. Mississippi
  10. North Carolina
  11. Ohio
  12. Oklahoma
  13. South Carolina
  14. Tennessee
  15. Texas
  16. Virginia
  17. Wisconsin

The company stresses that not all payment cards used at the affected restaurants were compromised and no other customer information was taken.

RELATED: 7 ways to avoid chip credit card fraud

Cicis says customers who may have been affected should pay close attention to their credit card statements for any unauthorized activity. If you identify something suspicious, report it to your card issuer immediately.

The company is also recommending that customers review their free credit report. You can order your free annual credit report by visiting

Formerly known as CiCi’s Pizza, Cicis rebranded in late 2015 with a “Beyond Pizza” concept to emphasize its other offerings, including salad, soup, pasta and desserts.

The Texas-based chain has more than 450 locations nationwide.

A data breach at this pizza chain leaves customers in 17 states at risk Flickr / C-Bunny

Mike Timmermann,