Chick-fil-A Inc. could be the latest retailer facing a payment card data breach.
Online cyber-security website Krebs on Security reported that a number of American financial institutions flagged transactions involving nearly 9,000 consumer credit and debit cards, and the common connection between all were their use at Chick-fil-A restaurants.
The report states that alerts were sent to several U.S. financial institutions about a breach from early December of 2013, up to September 30th of 2014.
Chick-fil-A provided Krebs the following statement:
“Chick-fil-A recently received reports of potential unusual activity involving payment cards used at a few of our restaurants. We take our obligation to protect customer information seriously, and we are working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts.””We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so.
If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts — any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring.”
Chick-fil-A operates over 1800 locations around the country, and reports annual sales over $5B.