2014 has been a year of point-of-sale data breaches, so why should the last day of the year be any different? Chick-Fil-A is the newest member of the Possible Breach Club, and is currently investigating reports of fraudulent transactions on customer credit cards. The reported breach would have started on December 2, 2013 and lasted until September 30, 2014.
One bank employee who contacted the ever-vigilant blog Krebs on Security reports that more than nine thousand of their employer’s cards were part of this breach. More than 9,000 of its customers’ cards are part of this particular batch when the card numbers went on the market. For this particular bank, that meant more compromised cards than were affected during last year’s holiday season payment breach at Target. That may be an indication that the bank has a lot of customers who enjoy delicious fried chicken, but also the result of this being a very, very long breach.
Chick-Fil-A representatives said that they have received reports of customer payment cards used at their stores that have been used in fraudulent transactions, and they are investigating those reports. The company hasn’t confirmed that there was a breach or provided a list of locations. Banking sources told Brian Krebs that breached cards were used at Chick-Fil-A locations nationwide, but seemed to be concentrated in only a few states. In case you want to start checking your card statements early, those states were Georgia, Maryland, Pennsylvania, Texas, and Virginia.
Here’s part of the statement that the company issued addressing the breach:
Chick-fil-A recently received reports of potential unusual activity involving payment cards used at a few of our restaurants. We take our obligation to protect customer information seriously, and we are working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts.
Banks: Card Breach at Some Chick-fil-A’s [Krebs on Security]
by Laura Northrup via Consumerist
No comments:
Post a Comment