Chick-fil-a has ordered an investigation into a possible data breach that occurred just before Christmas, according to The Guardian.
The announcement was made on Friday, and the company said it is now working alongside both federal law enforcement and cybersecurity firms to try and get to the bottom of the hack.
A company statement revealed that credit companies and banks alike were reporting suspicious activity around the 19th December of 2014. It was then that Chick-fil-a decided to get into contact with cybersecurity companies to assist with the issue. The company pointed out that this wasn’t a nationwide problem, only involving “payment cards at a few restaurants”.
Brian Krebs, a cybersecurity journalist, compared the breach to that of other chains including the likes of Dairy Queen. In that particular case, hackers were able to install malware into the third party’s point-of-sale software, which made it possible for thieves to steal the data. It’s not uncommon for medium-sized chains to use third-party companies to take control of purchase systems, but it’s clear this comes with certain risks.
This isn’t the first instance of US corporations falling victim to hacking. In November Home Depot had its self-checkout systems hacked which gave thieves access to 53 million emails as well as 56 million credit and debit card numbers. Target was also hacked as it was found that cybercriminals had stolen personal information of approximately 110 million of its customers.
According to the Ponemon Institute, 43% of US firms had experienced a data breach in the past year.
Chick-fil-a has since made clear that diners will not be held liable for relevant charges if indeed the breach is confirmed, nonetheless customers are being urged to keep an eye out for any suspicious activity on their credit card statements.
Ken Wolter / Shutterstock.com
