Wednesday, May 31, 2017
It is unclear how many customers may have been impacted by the breach, but of the chain's estimated 2,250 restaurant locations, a large number were found to have been affected. Analysts noted that Chipotle declined to implement EMV (Europay, Mastercard and Visa) chip-enabled transaction capabilities in 2015, citing delays in the authentication process caused by issues specific to EMV implementation in fast-food service environments.
Chipotle stated that during the investigation the malware was removed, and the company will continue to work with cyber security firms, payment card networks, banks and law enforcement agencies to enhance security measures and heighten monitoring.
Chipotle customers who used payment cards at affected locations during the incident time frame are being advised to monitor payment card statements for unauthorized activity and to immediately report any such charges; cardholders will not be held liable if charges are properly reported, according to the company. A list of affected restaurant locations and vulnerable time frames are available online at www.chipotle.com/security and www.pizzerialocale.com/security .
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.