Credit Card Data Breached at Several Cici's Pizza Locations
Stolen data may have been used to create clone cards for use in making fradulent purchases
Cici's Pizza has announced that there was a credit card breach at some of its restaurants dating back to the beginning of 2015.
An investigation was begun in March when some Cici's restaurants reported problems with their point of sale (POS) system. The system vendor subsequently found and removed malware.
Forensic investigation revealed compromised card numbers dating back to 2015, though most of the data theft didn't actually occur until shortly before the breach was discovered when bank employees first reported the possibility to news blog Krebs on Security.
The stolen data may have been used in order to make clone cards for use in fraudulent purchasing. According to Cici's, only the card numbers were taken, not other customer information, which makes identify theft less likely and buying sprees at large retail stores more so.
Cici's locations in the following states were affected: Alabama, Arkansas, Florida, Georgia, Kentucky, Louisiana, Maryland, Missouri, Mississippi, North Carolina, Ohio, Oklahoma, South Carolina, Tennessee, Texas, Virginia, and Wisconsin.
See The Consumerist article for a full list of specific locations affected by the breach.
Although victims are not liable for such fraudulent purchases, anyone who ate at a Cici's Pizza location starting in January 2015 should scrutinize their bank statements and immediately report any suspicious transactions.