The Atlanta Journal-Constitution
Chili’s says customer card data exposed
If you’ve eaten at Chili’s restaurants within the past two months, then you might want to check your credit report and card statements.
Chili’s parent company Brinker International announced over the weekend that customers’ payment information was exposed in a recent malware attack.
Brinker did not disclose how hackers gained unauthorized access to its systems, how many customers or restaurants were targeted, or the exact dates when the personal data may have been exposed.
“While the investigation is still ongoing, we believe that malware was used to gather payment card information, including credit or debit card numbers and cardholder names, from our payment-related systems for in-restaurant purchases at certain Chili’s restaurants,” Brinker said in a statement Saturday.
Brinker said that Chili’s does not collect social security numbers, dates of birth or state identification numbers full date of birth, so that data was not compromised.
The Dallas-based company is the latest restaurant to disclose a data breach. Last month Panera Bread acknowledged that data of some customers including names, addresses and the last four digits of credit card numbers were vulnerable on its website for at least eight months. And earlier this year Applebee’s found malware on its payment systems in 167 locations across 15 states, potentially exposing customer credit card data. The barrage of data breaches at restaurants and other businesses highlights the heightened risks of identity theft, and the continued vulnerabilities presented by payment systems, databases of customer information, and mobile apps.