January 3, 2015
Chick-fil-A, the popular QSR chain, recently received reports of potential unusual activity involving payment cards used at a few of their restaurants. The company is working with leading IT security firms, law enforcement and its own payment industry contacts to determine more facts on the situation.
Chick-fil-A is currently investigating these events and if a data breach is discovered, then the company has assured that customers will not be liable for any fraudulent charges to their accounts. Any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card, as cited in an official press release. Also, if the customers are impacted, Chick-fil-A will arrange for free identity protection services, including credit monitoring.
The company was first notified of limited suspicious payment card activity by its payments industry contacts. The company first came to know about the possibility through a report on December 19th last year. The company immediately launched the investigation then along with partner firms. The company is not sharing any additional facts as such in light of the pending investigation.
As cited by Brian Krebs in a blog posted on KrebsOnSecurity, a particular bank has revealed that it has put 9000 customer cards in an alert list, all of which had Chick-fil-A locations as common point-of-purchase. Chick-fil-A recently rolled out a mobile payment system as an additional option to pay for meals. It is available through the restaurant’s app and requires users to provide their credit card information. The QSR had already begun testing the mobile payment system in June last year. In light of the recent possibility of a data breach, Chick-fil-A should also check the effectiveness of the new system.
The payments industry is witnessing a number of payments authentication systems being developed but still cases of data breaches do arise, especially at popular merchants where risks are higher due to scalability. The $100 billion security industry is still struggling in putting a stop to hackers. We have witnessed data breaches affect thousands of stores of retailers like Target Home Depot, Dairy Queen, Michaels, Neiman Marcus, Kmart, Supervalu, Albertsons and many others.