Customer credit card data at nearly 170 locations of Applebee’s Bar & Grill may have been stolen by hackers, one of the restaurant chain’s largest franchisees has announced.

RMH Franchise Corp., the world’s second-largest franchisor of Applebee’s restaurants, reported March 2 that it had discovered malware on the point-of-sale systems at 167 restaurants across 15 states. The incident initially was discovered on Feb. 13, according to the firm, after which an investigation was launched.

“Based on the experts’ investigation, RMH believes that unauthorized software … was designed to capture payment card information and may have affected a limited number of purchases made at those locations,” RMH said in a statement. “RMH is pleased to report that the incident has been contained and guests may use their cards with confidence at the RMH Applebee’s locations.”

Applebee’s is a brand of Glendale-based restaurant group Dine Brands Global Inc., formerly DineEquity Inc.

Dine Brands shares (DIN) rose 75 cents, or 1 percent, on Friday to close at $75.72 on the New York Stock Exchange.