Chili's has those delicious ribs—and that catchy jingle to go along—but is their cybersecurity as strong as they had believed?
The restaurant chain discovered a data breach affecting its point-of-sale (PoS) system on May 11th, and later that same day its parent company warned customers of their credit card data being exposed. At least they nailed that part of Incident Response.
Naked Security has more:
Brinker International doesn’t know how many restaurants were affected, nor how many people’s payment details got swept up by the thieves. It’s working with third-party forensics experts on the investigation, which is still assessing the scope of the breach. At this point, Brinker thinks it was limited to the past few months, between March and April.
From what it’s found so far, the company believes that malware was used to gather payment card information, including credit or debit card numbers and cardholder names from its PoS systems for in-restaurant purchases.
Brinker said that its Chili’s restaurants don’t collect taxpayer IDs, full date of birth, or federal or state identification numbers, so at least that sensitive data wasn’t compromised.