Attention Chipotle lovers! The restaurant chain was hacked with credit card stealing malware
A cyber security attack hit most Chipotle restaurants and allowed hackers to steal credit card information from the famous burrito chain.
The company realized the breach on April 25 and later a blog post revealed the kind of malware used in the hack.
The list of attacked location is extensive and includes major U.S. cities. The restaurant’s spokesman Chris Arnold told CNNMoney that “most, but not all [locations] may have been involved.”
Chipotle said in its blog post that it partnered with law enforcement officials and cybersecurity firms on a thorough investigation.
The breaches occurred between March 24 and April 18. The malware worked by infecting cash registers and capturing information stored on the magnetic strip on credit cards, named “track data”. Chipotle annouced track data sometimes includes a cardholder’s name, card number, expiration date an internal verification code.
The company assured customers there is “no indication” that other personal information was stolen.
“During the investigation we removed the malware, and we continue to work with cyber security firm to evaluate ways to enhance our security measures,” the blog post reads.
A list of locations and times were affected by the hack can be found on Chipotle’s website.