Nation & World

Chili's customer names, credit cards exposed

Chain is the latest to reveal a data breach

Bloomberg

It is unknown how many of Chili’s 1,600 locations were affected by a cyber breach.
Bloomberg It is unknown how many of Chili’s 1,600 locations were affected by a cyber breach.

If you’ve eaten at Chili’s restaurants within the past two months, then you might want to check your credit report and card statements.

Chili’s parent company Brinker International announced over the weekend that customers’ payment information was exposed in a recent malware attack.

Brinker did not disclose how hackers gained unauthorized access to its systems, how many customers or restaurants were targeted or the exact dates when the personal data may have been exposed.

“While the investigation is still ongoing, we believe that malware was used to gather payment card information, including credit or debit card numbers and cardholder names, from our payment-related systems for in-restaurant purchases at certain Chili’s restaurants,” Brinker said in a statement Saturday.

Brinker said that Chili’s does not collect social security numbers, dates of birth or state identification numbers full date of birth, so that data was not compromised.

Chili’s operates a restaurant in Cedar Rapids and in Coralville.

The Dallas-based company is the latest restaurant to disclose a data breach. Last month Panera Bread acknowledged that data of some customers including names, addresses and the last four digits of credit card numbers were vulnerable on its website for at least eight months.

Earlier this year Applebee’s found malware on its payment systems in 167 locations across 15 states, potentially exposing customer credit card data.

ARTICLE CONTINUES BELOW ADVERTISEMENT

The barrage of data breaches at restaurants and other businesses highlights the heightened risks of identity theft, and the continued vulnerabilities presented by payment systems, databases of customer information, and mobile apps.

Brinker said it first learned of the breach on Friday, the same day it first disclosed the breach. The company said it has notified law enforcement agencies and is working with independent experts to investigate and determine which customers were affected.

While it’s not clear how many of Chili’s 1,600 locations were affected, the company still urged customers “out of an abundance of caution” to take steps to protect their information. Those recommendations included placing a fraud alert on your credit file with the three national credit reporting agencies — Equifax, Experian and TransUnion — and reviewing personal bank account information for suspicions activity.

The company also is working to provide credit monitoring and fraud resolution service for the customers that may have had their data stolen, the company said.

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.

CONTINUE READING

Give us feedback

We value your trust and work hard to provide fair, accurate coverage. If you have found an error or omission in our reporting, tell us here.

Or if you have a story idea we should look into? Tell us here.