Chili's is the latest restaurant chain to be affected by a data breach.
The casual dining chain's parent company, Brinker International, announced Saturday that customer credit and debit card information had been compromised at some Chili's locations between March and April.
However, the company is still assessing the scope of the incident.
"We sincerely apologize to those who may have been affected and assure you we are working diligently to resolve this incident," Brinker said in a statement.
The company said it is working with third-party forensic experts to determine how the breach occurred. So far, Brinker suspects malware was used to gather information including credit- and debit-card numbers as well as cardholder names from in-restaurant purchases.
Chili's does not collect Social Security numbers, full date of birth information or a customer's federal or state identification number, Brinker said. Therefore, personal information was likely not compromised.
The company suggests customers monitor their bank and credit card statements for suspicious activity and contact their bank if their information is being misused.
Brinker said it will continue to update consumers about the breach on its website.
Shares of the company slipped as much as 2 percent on Monday.