Cybersecurity blog KrebsOnSecurity says the activity may have led to stolen credit and debit cards being sold on underground exchanges.
There are two Sonic locations in the Capital Region, one in Latham and another in Troy.
Millions of credit card numbers-some of which were apparently stolen from Sonic Drive-In restaurants-are now for sale on a dark web market for between $25 and $50 per card, reports KrebsOnSecurity.
According to the statement, Sonic staff have called in forensic experts and law enforcement to help look into the issue. The potential breach at Sonic was initially reported by Krebs on Security.
Warnings extended for Puerto Rico's Guajataca Dam, in danger of collapse
As a result, the power company abandoned most basic maintenance in recent years, leaving the island subject to regular blackouts. Virgin Islands following Hurricane Irma . "We are working day and night to identify the needs", Lopez said.
Krebs said he first noticed something wrong when he heard from sources that a pattern of fraudulent transactions on cards had all been traced back to the fast-food chain.
Sonic has over 3,500 locations in the USA, including 15 in New York, according to NBC New York. It said it would communicate additional information as it is able.
"The security of our guests' information is very important to Sonic". Cliff Hudson, the company's CEO, told Business Insider last week that the chain was attempting to invest in technology to better compete with both rival restaurant concepts and competitors such as Amazon.
The invasion of privacy may have affected customers across that entire country as Sonic operates over 3,000 fast food drive-ins in 45 states.