Datacap Logo

Chick-fil-A: The latest enterprise to suffer a card breach

 Payment Terminal at Chick-Fil-A

Retailers such as The Home Depot, Target and Neiman Marcus are not the only ones suffering attacks at the hands of fraudsters – restaurants such as P.F. Chang’s and now perhaps Chick-fil-A are also falling victim to criminals.

Krebs on Security, the same cybercrime blog that posted first about many breach incidents, recently reported that Chick-fil-A has been targeted by fraudsters. The news source heard about compromised payment systems at the fast food chain back in November, but it was not until just before Christmas that major credit card associations began warning financial institutions about a breach at the establishments.

One financial institution in particular listed 9,000 customer payment cards on alert, which is more than that same organization reported for the Target incident, suggesting the Chick-fil-A breach could be affecting a huge number of customers. The bulk of the attacks seem to be centered around the south and midwest stores, with fraud concentrated in Georgia, Maryland, Pennsylvania, Texas and Virginia.

“Chick-fil-A recently received reports of potential unusual activity involving payment cards used at a few of our restaurants,” a representative from Chick-fil-A told Krebs on Security. “We take our obligation to protect customer information seriously, and we are working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts.”

According to Krebs on Security, the issue that many fast-food chains encounter comes alongside franchising tendencies. Many store owners choose to outsource the management of their point-of-sale solutions to third-party companies, which creates opportunities for breaches.

Criminals are not just targeting retailers

While most of the high-profile cyberbreaches have been targeting big-name retailers, fraudsters are increasingly diversifying their target pool. While fast-food restaurants may not be the most optimal targets – because of the low-value nature of fast food orders, customers may be more inclined to pay with cash out of their pockets – breaches are still an issue that restaurant owners must contend with.

In fact, fraudsters may increasingly go after alternative targets. After the public backlash many retailers received given the number of high-profile theft incidents, some are taking another look at the point-of-sale and are switching to new POS solutions that use tokenization and other tools to keep data safe.

Any business that accepts customer payments will need to make sure payment card security is a top priority moving forward.