BreachExchange mailing list archives
Chipotle Warns Customers of Possible Credit Card Breach
From: Inga Goddijn <inga () riskbasedsecurity com>
Date: Thu, 27 Apr 2017 08:30:48 -0500
http://www.eater.com/2017/4/26/15433866/chipotle-data-breach-credit-cards As Chipotle continues to try to climb out of a massive sales slump <http://www.eater.com/2017/2/3/14496440/chipotle-q4-2016-results> triggered by a string of high-profile food safety disasters <http://www.eater.com/2015/11/4/9668984/chipotle-e-coli-public-health-disaster>, it’s suddenly got a new pain point: a potential credit card breach. The burrito chain relayed the bad news to customers on Tuesday via a post on its website <https://chipotle.com/security>, explaining that it recently discovered unauthorized activity on its payment processing network. Translation: If you used a credit or debit card to pay for a burrito between late March and mid-April, it’s possible hackers may have stolen your card info. Chipotle is still investigating the breach, but in the meantime, best check your bank statements. Though the news comes at a tough time for the company — Chipotle’s profits plummeted by 95 percent in 2016, a hole it’s currently attempting to get out of with new menu items <http://www.eater.com/2016/6/29/12058884/chipotle-chorizo-rollout> and new and improved tortillas <http://www.eater.com/2017/3/28/15071988/chipotle-new-tortilla> — it’s certainly not the only big chain to face similar woes recently: Arby’s is currently facing an onslaught of lawsuits <http://www.eater.com/2017/2/10/14575978/arbys-data-breach-hacked> in the wake of a massive security breach that’s thought to have compromised the payment data of more than 350,000 customers. Below, Chipotle’s full statement on the potential data breach: We recently detected unauthorized activity on the network that supports payment processing for purchases made in our restaurants. We immediately began an investigation with the help of leading cyber security firms, law enforcement, and our payment processor. We believe actions we have taken have stopped the unauthorized activity, and we have implemented additional security enhancements. Our investigation is focused on card transactions in our restaurants that occurred from March 24, 2017 through April 18, 2017. Because our investigation is continuing, complete findings are not available and it is too early to provide further details on the investigation. We anticipate providing notification to any affected customers as we get further clarity about the specific timeframes and restaurant locations that may have been affected. Consistent with good practices, consumers should closely monitor their payment card statements. If anyone sees an unauthorized charge, they should immediately notify the bank that issued the card. Payment card network rules generally state that cardholders are not responsible for such charges. • Notice of Data Security Incident <https://chipotle.com/security> [Chipotle]
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Chipotle Warns Customers of Possible Credit Card Breach Inga Goddijn (Apr 27)