Officials at Chick-fil-A are investigating claims of a possible data breach impacting their customers.
According to a report from security blogger Brian Krebs, U.S. financial institutions have traced a pattern of credit card fraud to accounts used at different Chick-fil-A restaurants across the country. Krebs reported that he first began hearing about the possibility of compromised payment systems at Chick-fil-A restaurants in November. Just before Christmas, one of the major credit card associations issued an alert to several financial institutions about a breach at an unnamed retailer that lasted between Dec. 2, 2013 and Sept. 30, 2014.
In a statement sent to SecurityWeek, Chick-fil-A said it is investigating the matter.
“Chick-fil-A recently received reports of potential unusual activity involving payment cards used at a few of our restaurants,” according to the company. “We take our obligation to protect customer information seriously, and we are working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts. We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so.”
“If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts,” the company added. “Any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring.”
Chick-fil-A has more than 1,800 restaurants in the United States.