Credit card numbers and payment information was stolen from more than three dozen Shoney’s restaurants managed by Best American Hospitality Corp. (BAHC), a statement from the company revealed Monday.

The privately held chain restaurant company, which also manages Church’s Chicken, revealed its point-of-sales software at 37 locations had been compromised by a malware attack that stole cardholder information.

Read: 100,000 Job Applications Stolen From McDonald's Canada Site

The data breach first occurred on Dec. 27 and continued until March 6 when the malware attack was finally contained. The company was able to halt the ongoing data theft with the help of cybersecurity firm Kroll Cyber Security.

While the attacks may have ceased, the fallout could still have wide-ranging effects. A statement from BAHC said the malware was able to successfully steal data from each transaction, including credit card payment information.

The malware reportedly was able to identify information from the magnetic stripe on a credit card, and it is believed the attack was able to record the cardholder name and the credit card number from many transactions, as well as expiration dates and internal verification codes.

BAHC noted cardholder names were not taken in every instance, but that provides only minor peace of mind for those who may have unwittingly had their credit card information stolen.

BAHC said it is working with credit card companies and banks to make the institutions aware their cardholders may be at risk and to advise them to closely monitor transactions. Customers who are potentially affected by the attack are urged to keep a close eye on transactions on their cards to spot any suspicious activity.

Read: Twitter Counter Hack Leads To Hundreds Of Accounts Tweeting Swastikas, Nazi References

The data breach from BAHC is just the latest instance of fast food restaurants being targeted — likely in part because the volume of transactions the companies perform each day promises a treasure trove of credit card information.

Last month, the McDonald’s application website was targeted and nearly 100,000 job applications were stolen. In February, Arby’s announced its payment system had been hit earlier this year at more than 1,000 locations.