Chipotle Investigates Breach
Chipotle has suffered a breach of its payment card processing system, and is reportedly analyzing transactions that took place between March 24 and April 18 for more evidence of the intrusion.
The Mexican food chain has said little about the incident beyond that it detected “unauthorized activity” on its processing system. Chipotle has encouraged customers to watch their financial statements for signs of criminal activity, and said it will notify affected customers.
The fast food chain has sought help from cybersecurity firms and law enforcement, and has moved to better secure its payment systems, according to a report in The Hill. This latest setback for Chipotle comes after it dealt with an E.coli outbreak that led the restaurant operator to close all its stores for a day.
Chipotle could be facing significant costs depending on the cause of the digital intrusion and its scope, as yet unclear. For instance, Home Depot will pay $25 million to financial institutions to compensate them for the costs of a 2014 data breach in which 40 million consumers had payment card data stolen, as well as 52 million to 53 million who had their email addresses stolen (there was overlap between the groups). The agreement comes about three months after a judge ruled that the retailer’s investors cannot sue its board of directors over the breach.