The restaurant chain, Chipotle Mexican Grill became the latest victim of Point-of-Sale malware when the credit card information of customers was stolen between March 24-April 18. According to the law, one’s liability may be no more than $ 50, if reported.
Chipotle first began to investigate the possibility of a PoS breach on April 25 and found that stolen data included account numbers and verification codes.
As debit cards take money directly from your account, a thief can drain your checking account – leaving you to pay a boatload of fees when your transactions bounce. One Caledonia couple narrowly escaped that fate.
“The malware searched for track data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the POS device,” Chipotle wrote in a security advisory. “There is no indication that other customer information was affected,” added the advisory.
Chipotle says it doesn’t know how many cards or customers were affected though they claim to have removed the malware.
However, customers who swiped their card on following dates in four Chipotle outlets of Rochester were exposed to cyber crime:
640 Jefferson Road, Rochester 3/25/2017–4/18/2017
1847 Ridge Road West, Rochester 3/26/2017–4/18/2017
1495 East Ridge Road, Rochester 3/26/2017–4/18/2017
1360 Mount Hope Ave, Rochester 3/26/2017–4/18/2017
Chipotle has also stated that it is working with undisclosed cyber-security firms to help improve the company’s security.
Chipotle has provided a website so customers can find out whether the store they patronised was affected. If you have questions about the breach, you can contact Chipotle directly at 1-888-738-0534.