The Atlanta-based fast-food chain Chick-Fil-A is working with IT security companies after a possible data breach may have leaked the credit-card details of 9,000 customers.
Gizmodo reports that there has been unusual activity on credit cards believed to have been leaked in a data breach. The fraud seems to be occurring in Georgia, Maryland, Pennsylvania, Texas, and Virginia.
Security reporter Brian Krebs says evidence of a data breach first began emerging in November. But banks started to pay attention in December when a credit-card association sent out an alert claiming that a breach may have started as early as September.
If there has been a data breach, it is probably not going to be on the scale of Target’s, which last year leaked millions of credit-card numbers online. Because the levels of unusual activity are still relatively low, it’s more likely to be a regional issue in which a third-party contractor was hacked into, exposing credit-card information for a set of Chick-Fil-A restaurants.
In a statement to Krebs, Chick-Fil-A confirmed that it was investigating whether a data breach had taken place:
Chick-fil-A recently received reports of potential unusual activity involving payment cards used at a few of our restaurants. We take our obligation to protect customer information seriously, and we are working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts.
We want to assure our customers we are working hard to investigate these events and will share additional facts as we are able to do so. If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts — any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring.
NOW WATCH: 7 Subliminal Messages In Corporate Logos