Patrons of Chipotle Mexican Grill might soon start to feel sick to their stomach, but it will have nothing to do with the food--the company has disclosed the full list of upstate New York restaurants affected by the point-of-sale malware that infected the company between March 24th and April 18th of this year. Could this breach have compromised one of your cards? Could you be vulnerable in some other ways, too?
After an investigation into the security breach, Chipotle released an investigation report stating that customer data, more specifically credit card information, had been stolen. This information included cardholder names, expiration dates, card numbers and verification codes.
The report identified twenty-nine locations as those infected with the malware, and gave the dates that their patrons were made vulnerable to data breach. Albany restaurants on Wolf Road and Western Avenue were found to have malware installed, as well as on Balltown Road in Schenectady and Commercial Drive in Utica. Rochester and Syracuse had more than one location struck by this malware as well.
If you visited one of Chipotle’s locations during this time and want to check if you may have been affected, the chain’s website provides a tool to specify which restaurants were breached with their announcement of their findings here.
Chipotle went on to advise their customers to review their statements for any suspicious charges, and to report any suspected instances of identity theft to the Federal Trade Commission and to the state Attorney General’s office.
Having removed the malware, Chipotle has taken steps to bolster their security, a wise move--even if implemented a little too late.
This event is just another unfortunate reminder that security threats can potentially be lurking anywhere, waiting to strike your business. Imagine if you had purchased lunch for the office there during this time, paying for it with the company credit card. You need to be just as careful with company finances as you are with personal finances, if not more so. After all, there are livelihoods other than your own that depend on your business.
It is also important to remember that, while this time it happened to Chipotle, the next security breach could easily happen to you and your business as well. Imagine how the customers whose data was stolen feel about Chipotle right now. Do you want yours to feel the same way about you?
If your business relies on technology in any way, you need to be sure that your security solutions are up to par and your staff is trained to spot potential issues with them and attend to them appropriately. For help in this regard, you can reach out to us at 607.433.2200.