Chipotle on payment system breach: 'most' stores affected

Late last month, restaurant franchise Chipotle Mexican Grill revealed that it had suffered a security breach affecting its POS system. The company has released an update on that revelation, saying that 'most' of its stores in the US were affected by the malware. Chipotle says the investigation into the breach, which involved both law enforcement and security firms, has been completed.

The data breach was first revealed on April 25, 2017, though details were slight. In an update, Chipotle has stated that the malware was operating from March 24 to April 18, and that it worked by searching for track data gathered from a bank card's magnetic stripe. This data could include things like the cardholder's name, the card's number, the verification code, and expiration date — all things that can be used to jeopardize the bank account itself.

According to Chipotle, there are no signs of the malware gathering any other information, but anyone who swiped a card between those dates at an affected store could potentially have had data stolen.

The company goes on to say that 'not all locations were involved' in the security breach, though it doesn't provide an exact number. Speaking to The Verge, the company only went so far as to say that 'most' of the stores across the nation were hit. You can search for the stores you've visited here to see if you're potentially affected.

SOURCE: Chipotle