Before Considering Your Next Dining Experience, Remember Chipotle Data Breach

  • By David Lukic
  • Dec 01, 2020

Chipotle Mexican restaurants and their affiliates Pizza Locale suffered a data breach in 2017. The Chipotle data breach affected all of their 2,250 locations. The data that hackers stole was credit card information and account logins. Hundreds of Chipotle customers alerted the restaurant to fraudulent charges that were processed through their credit card companies. The hack was perpetrated through malware installed on Chipotle point-of-sale devices from March 24 until April 18, 2017. The malware read the magnetic strips on the backs of credit cards to steal people’s names, credit card numbers, expiration dates, and security codes.

In response to the attack, Chipotle issued a notice of data breach, hired one of the area’s top cybersecurity firms and alerted the authorities along with credit card companies.

chipotle data breach

Chipotle Data Breach of 2017

The chipotle breach of 2017, occurred between March 24 and April 18. By April 17, customers were posting online about suspicious charges and food orders placed from their accounts, which they never initiated. Many also experienced credit card charges at other locations for goods and services. Part of the problem was due to credential stuffing where hackers used account logins for other sites and brute force attacks to log into Chipotle accounts. Some users, however, confirmed that they did not use the same password on other websites.

How to Check if Your a Victim of Chipotle Credit Card Hack

After the attack, Chipotle posted a web page on their site to allow users to check to see if their data was breached. That page has since been removed, but if you need to, you could contact Chipotle Corporate directly to inquire. Additionally, you can review your credit card statements from the period of March-April of 2017 and see if you notice any charges that were not yours. As a precaution, you could cancel the credit card used and have the bank reissue one.

What to Do if Your Data Was Breached

If you were targeted by a Chipotle security breach, and suffered significant losses, gather together your credit card or bank statements to supply the evidence.

  • You will also want to get a copy of your credit reports (IDStrong.com offers this service along with continuous credit monitoring). 
  • Change your Chipotle, credit card, and bank logins. Use only really long passwords with a combination of letters, numbers, and symbols.
  • Review your bank and credit card statements for that period and beyond to look for any suspicious charges. 
  • You can also file a report with the Attorney General’s Office in your state.

Lawsuits and Settlements for Chipotle Data Breach

There was a substantial class-action lawsuit, and Chipotle settled. The settlement includes $250 for anyone who purchased food with Chipotle or Pizza Locale during the breach period. Additionally, they are also offering up to $10,000 for losses sustained as a result of the financial information being put at risk by Chipotle.

chipotle security breach

Can My Information be Used for Identity Theft?

The account login information stolen and then used to brute force attack Chipotle’s server could also be used to acquire additional personal details about you. Any information obtained during a hack or data breach can be used to steal your identity or even find additional personal information. 

What to Do to Protect Yourself

In this digital age, it may seem impossible to protect yourself against hackers, data breaches, viruses, and malware, but there are things you can do to stay safe.

  • Always keep your antivirus software (on all devices) up-to-date and run scans often.
  • Monitor your bank and credit card statements regularly to look for any unusual charges, and add fraud alerts to your credit report.
  • Change your login passwords often and make them very complicated.
  • Do not share any personal information with anyone you don’t know.
  • Do not click on links or download attachments in emails, even if they look legitimate.
  • Invest in credit monitoring and keep an eye on your online profiles.

About the Author
IDStrong Logo

Related Articles

The Anatomy Of Amazon Data Breach Explained

Along with being an online merchant, Amazon also supplies cloud servers to some heavy hitters in t ... Read More

What is Data Leak and How to Prevent Accidental Data Leakage

Data breaches take many forms, and one of them is through data leak and accidental web exposure. M ... Read More

The Saga of T-Mobile Data Breach

T-Mobile Data Breach incident occurred many times. Once from September 1, 2013, and September 16, ... Read More

Anthem Data Breach Exposed 78 Million Records

In the Anthem Data Breach of 2015, hackers were able to steal 78.8 million member’s records. Wha ... Read More

Everything You Need to Know About Insider Data Breach

Data breaches are on the news frequently, but the average person doesn’t really know that mu ... Read More

Latest Articles

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Pennsylvania Maternal & Family Health Services Announces Ransomware Attack

Anyone paying even little attention to cybersecurity knows that medical practices and services are some of the most targeted institutions in the world.

Weekly Cybersecurity Recap January 27

Weekly Cybersecurity Recap January 27

This week, our lineup is pretty hard-hitting. Some of the biggest names in, well, everything, have been hacked, with a combined victim total of well into the millions.

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp Announces Data Breach Affecting Tiny Number of Customers – With Big Ripples

MailChimp has been hacked repeatedly over the years; there is very little surprise in the breach, though one thing should be considered.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an email address
Close