If you used a credit or debit card at a Chipotle between May 24 and April 18 of this year, chances are your card number has been compromised.
While Chipotle hasn’t released the exact number of restaurants breached a spokesman did say “most” were affected. There are somewhere in the vicinity of 2,250 locations. Chipotle recently released more information about the recent data breach, including the cause and the locations impacted.
Initially Chipotle admitted to unauthorized activity on its data network back on April 25 during a quarterly earnings call with investors, which we covered here.
According to the Chipotle website, an investigation revealed malware “designed to access payment card data from cards used on point-of-sale devices at certain Chipotle restaurants between March 24, 2017 and April 18, 2017.”
The malware captured card numbers, expiration date and internal verification code, as well as some cardholder names.
You can look up the list of Chipotle’s affected by state here. Every state that Chipotle operates in had restaurants that were breached. According to this Coloradoan story, 74 of the 75 Colorado Chipotle locations were affected by the breach.
Chipotle locations aren’t the only fast-casual restaurants affected. Payment systems at affiliated pizza chain Pizzeria Locale, with locations in Ohio, Missouri, Kansas and Colorado, were also infected with the malware.
According to Chipotle, they’ve since removed the malware and continue to evaluate ways to enhance their security measures.
Customers who have questions regarding the breach can call Chipotle at 888-738-0534.
As always, customers were urged to “remain vigilant to the possibility of fraud.” This means you should watch your accounts for any unauthorized charges.
Are you covered for identity theft?
Get Covered
Image: Pexels