Chipotle Just Announced It’s Been Hacked

Chipotle Mexican Grill announced on Friday that the company is the latest to suffer a data security breach. The company said hackers used malware to steal the company’s customer’s card date. This means account numbers, expiration dates, and internal verification codes. The information was stolen from payment systems at some of Chipotle’s restaurants in the course of three weeks.

Spokesman Chris Arnold stated via e-mail that the breach happened at varying times at most of the company’s restaurants from March 24th to April 18th. There are 2,249 Chipotle restaurants in the U.S.

The malware has been removed, but the company does not know how many payment cards had been affected. According to Paul Stephens, the director of policy and advocacy at Privacy Rights Clearinghouse, this information could be used to empty out bank accounts if debit cards were used to to make purchases if it was a credit card.
The malware, according to an investigation, has determined that it was used to search for track data from the magnetic stripes on payment cards.

Chipotle is not offering any credit monitoring or notifying affected customers directly. The comany did not collect any names or addresses during the purchases.

“Credit monitoring is only designed to let you know when someone is opening a new credit account using your information. Credit monitoring does not alert you when a fraudulent charge is made on a payment card,” Arnold said.

Disclaimer: We have no position in Chipotle Mexican Grill, Inc. (NYSE: CMG) and have not been compensated for this article.