Chipotle reports nationwide credit card hack
You thought the extra charge on your credit card was for the added avocado at Chipotle, but it turns it was for something malicious.
Thousands of credit cards might be compromised after the popular restaurant chain announced on Wednesday that their systems were hacked.
After an investigation, Chipotle announced that an unknown group of hackers installed malware into systems at various locations between March 24 and April 18. Any credit cards that customers used during that time are suspected to have been compromised. It’s unknown if the attack was internal, and if there is currently an assessment on Chipotle’s vendor risk management strategies.
How to find out if your card information was stolen
“It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statement for any unauthorized activity,” Chipotle said in their statement. “You should immediately report any unauthorized charges to your card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner.”
After an attack like this, it’s always best to identity proof yourself and your finances as much as you can. Chipotle has opened up a hotline for customers who have any concerns about the hack. The phone number is 888-738-0534, and it’s open Monday – Friday between 9am and 9pm.
Chipotle is currently trying to figure out how many people were affected, and how to avoid this from happening again. A hack like this typically involves the help of third parties who have access to a company’s systems. These type of attacks are the perfect example of why vendor risk management strategies are crucial to the safety of your company’s data.
How this happened
The malware that was installed in their systems searches for “track data,” which typically includes a customer’s name, card number, expiration date, and internal verification code. The malware gains this information after your card’s magnetic strip is swiped in Chipotle’s registers.