Chick-fil-A Investigates Possible Data Breach, Number of Affected Locations Unknown

Chick-fil-A Investigates Possible Data Breach, Number of Affected Locations Unknown
Image: NCCC
January 5, 2015

Chicken eatery Chick-fil-A is investigating a potential data breach affecting an unknown number of locations, the company confirmed last week.

The company received in December an initial report of unusual activity involving cards used at several restaurants and an investigation with law enforcement and IT security firms is ongoing.

Security blog, KrebsOnSecurity, reported just days prior to Chick-fil-A's announcement, that major credit card companies issued an alert to several financial institutions that a breach took place at an unnamed retailer between Dec. 2, 2013 and Sept. 30, 2014. A source interviewed by the blog said that his financial institution had 9,000 customer cards listed in the alert. While locations across the country were impacted, the bulk was concentrated in Georgia, Maryland, Pennsylvania, Texas and Virginia.

While Chick-fil-A confirmed that they are investigating a breach, details on the company's website remain vague, citing an ongoing investigation.

"At this point, we are working diligently to understand all the facts," said a company release. "It would be premature for us to comment further given the pending investigation, but we will share additional facts as we are able to do so."

If the company confirms a data breach, it said, customers would not be responsible for any fraudulent charges and Chick-fil-A will provide free credit monitoring and identity protection services for anyone impacted.

For more information, customers can call the company's call center at 855-398-6439.