Tex-Mex restaurant chain Chili’s announced this past weekend that it had suffered a data breach affecting an, as yet, undetermined number of its 1,600 restaurants. According to Chili’s, credit card and debit card information as well as the names of these cardholders were stolen during the breach which, they say, occurred during March and April 2018. Chili’s is just the latest of a long line of retail data breach victims which during the past year alone has included Sears, Kmart, Whole Foods and Under Armour. Malware was used to gain access to the names and credit card information. Had Chili’s been using chip card technology, this data breach could have been avoided.
Here is a link to Chili’s statement about the data breach. http://brinker.mediaroom.com/ChilisDataIncident
It should be noted that the source code for the malware used to perpetrate this data breach ,Treasure Hunter, which is used against point-of-sale equipment that processes credit cards and debit cards was recently leaked online increasing the likelihood that this malware will be used against more retailers. I am sure I will be writing about similar data breaches in the not too distant future.
Certainly if you were a customer of Chili’s you should check your credit card statements and if you used a debit card, you should monitor the account to which your card is tied for indications of fraud. This is another opportunity to remind everyone to restrict your use of your debit card to use at ATMs and not to use it for retail purchases because the laws that protect you from fraudulent use of your debit card are not as strong as those that protect you in the event of the fraudulent use of your credit card.  Also, because data breaches in which credit cards and debit card information is stolen are so common, everyone should regularly monitor their credit card statements and bank accounts to which their debit cards are tied on a regular basis to look for evidence of fraudulent charges.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and click on the tab that states “Sign up for this blog.”