POS malware was active at Catch NYC, Catch Rooftop, and Catch Steak restaurants. The malware would attempt to steal track data encoded on the magnetic stripe of credit cards. This data includes the credit card number, expiration date, and internal verification code. As the portable POS devices utilize point-to-point encryption, payments at the table were not affected. Any customers who used their credit cards at Catch restaurants during these time frames should check old credit card statements and monitor future ones for unauthorized activity.
Source: https://www.bleepingcomputer.com/news/security/catch-restaurants-disclose-credit-card-stealing-malware-incident/