Chick-fil-A, Inc. is beginning an investigation into reports that the U.S. fast food franchise may have had customer payment card information compromised at some of their 1,850 restaurants.
The restaurant chain learned of “limited suspicious payment card activity appearing to originate from payment cards used at a few of our restaurants,” Chick-fil-A stated in a press release on December 31, 2014.
The investigation comes after several U.S. financial institutions noticed a pattern of credit card fraud linked to some of the restaurant’s customers.
While Chick-fil-A acknowledges the breach and is currently working with IT security firms, law enforcement and members of the payment card industry, the company has not released any information as to the size and scope of the attack.
Security expert Brian Krebs was first to report the potential attack following correspondences with various financial institutions. After speaking with one source, Krebs believes that while the breach is nationwide, the bulk of the attacks appear to be concentrated in Georgia, Maryland, Pennsylvania, Texas and Virginia.
His source goes on to further explain the direct impact to their financial institution. They explain that they their bank was alerted to approximately 9,000 of their customers’ credit cards potentially being compromised — impacting more customers than the December 2013 Target data breach.
“In that respect, it would be much like the breaches first reported in this blog earlier this year at other fast food chains—Dairy Queen and Jimmy Johns,” Krebs stated. “In both of those breaches, the stores impacted were franchises that outsourced the management of their point-of-sale systems to specific third party companies.”
Chick-fil-A customers are urged to check their bank statements for unusual payment card activity. In its press release, Chick-fil-A reassured customers that they would not be held liable for fraudulent charges. The company states that impacted customers will be offered identity theft services.
Chick-fil-A Investigates Potential Payment Card Breach
Aucun commentaire:
Enregistrer un commentaire