Virginia-Based Fast-Food Chain Faces Data Breach
Table of Contents
- By Steven
- Published: Jan 06, 2023
- Last Updated: Jan 09, 2023
We've seen a lot of hacks over the years, but a fast-food chain is not one that you immediately think of. A hacker is more likely to attack a credit bureau, hospital, or school system in search of the information they want, but if you think about it, Five Guys isn't that bad of a target. A national franchise that most likely works with and employs a combined number well into the hundreds, if not thousands. The hacker can access quite a lot of data like this, though not all of it will be in the upper echelon of privacy.
How Did the Attack Occur?
On September 17, 2022, a file in the Five Guys system was found to have suspicious activity. Law enforcement was involved, as were third-party investigators to look into the breach. On December 8, 2022, it was decided that an unauthorized party had accessed sensitive employee information and that Five Guys must take steps to deal with this breach and deter another.
What Information Was Viewed or Stolen?
While this breach didn't include nearly as much stolen information, there may be large consequences for the victims. The accessed information includes names, driver's license numbers, and social security numbers. There are many ramifications for the victims, though there will likely be very few for the hacker. Only about five percent of hackers are apprehended, though even the best can make simple mistakes that can lead to incarceration.
How Did Five Guys Admit to the Breach?
Five Guys admitted to the breach by sending notification letters to victims and the California State Attorney General's Office. The company did take it an extra step further by offering "one year of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services," according to the notice sent to the Attorney General's Office.
What Will Become of the Stolen Information?
While there isn't a lot of stolen information, there are a few things hackers can do with it. Driver's licenses and social security numbers are both forms of personally identifying information that they can use to apply for various services, like power and water, that would end up being billed to the person whose identity has been stolen. The hacker can even file fraudulent tax reports in the victim's name, which can effectively upend their life.
What Should Affected Parties Do in the Aftermath of the Breach?
Following a breach like this one, there are a few steps that victims can take. The most obvious of these is applying for and using Five Guys' offered (and free) credit monitoring. Another large, often overlooked, step is to file a police report. Even if nothing comes of the report initially, there will be proof of it later, should you need it. We also recommend monitoring phone calls and messages, as anyone can buy your phone number from one of the various telemarketers that possess it, so long as they have your name.
