Jimmy John's believes someone stole log-in credentials and remotely installed malware on machines used to swipe credit cards. Some customers' credit card numbers, expiration dates, verification codes and names were stolen between June 16 and Sept. 15, the company said.
The privately held company said it discovered the problem on July 30.
So what happened between July 30th thru September 25th? Why is this being reported ten days AFTER it’s been patched?