Chick-fil-A says customer data may have been cracked

http://www.cbsnews.com/news/chick-fil-a-says-customer-data-may-have-been-cracked/

ByAimee Picchi January 2, 2015

The new year is bringing new security breaches.

Chick-fil-A said it's reviewing "potential unusual activity involving payment cards" that were used at some of its restaurants. While the company said it's working with IT security firms, law enforcement and payment industry contacts to investigate, it didn't disclose when or where the breach may have happened.

Security experts have cautioned that this year may prove to be lucrative hunting grounds for scam artists, given a new security standard that will go into effect in October that will make cards harder to hack. In the meantime, criminals may be doubling down on efforts to breach security systems, with about four out of 10 companies reporting a data breach within the last year. [And surely more who either haven't yet discovered they had a data breach, or don't want to admit they had one.]

Chick-fil-A said the suspicious activity appeared to stem from a few of its restaurants. The company told CBS MoneyWatch in an email that it had "no further updates."

•••••

The possible security breach may be linked to Chick-fil-A locations in Georgia, Maryland, Pennsylvania, Texas and Virginia, Krebs wrote.

•••••

One type of charge to be on the lookout for is the "microcharge," or small amounts of $1 or $2 that are used by hackers to test whether a card is active, which allows them to sell the cards to other crooks for higher prices. Because of that, it's important to report even small yet suspicious charges to your bank.

Chick-fil-A said that if customers are impacted, the company will arrange for free credit monitoring and identity protection services. Customers can also call (855)-398-6439 for additional support or information.

•••••