Another week, another data breach announced at a major American chain. Some Chili’s customers may have had their payment cards compromised recently, but details are still fairly scarce at this point.
Chili’s parent company Brinker International recently disclosed the breach on its website. The company claims the data incident was limited to March and April of this year. As we’ve seen in other payment incidents at chains recently, this seems to be a case of malware, which “was used to gather payment card information including credit or debit card numbers as well as cardholder names from our payment-related systems for in-restaurant purchases at certain Chili’s restaurants.”
How many Chili’s restaurants were affected? We don’t know at this point, as Brinker International is continuing “to assess the scope of the incident.” We also don’t know any specific locations where the incident may have occurred.
It appears that Brinker believes only some customers were affected, and the breach only took place at “certain” locations. The company’s FAQ on the incident also says, “We have no reason to believe you’re putting yourself at risk by using your payment card today.”
Though payment card information may have been stolen, Brinker stresses that no personal info — social security number, birthdate, etc. — was taken in the breach. While the company recommends that customers consider a credit freeze, among other steps, we’d probably only exercise standard precautions at this point: if you ate at a Chili’s in March or April, you should, of course, carefully monitor your bank activity and statements.
But without any specific location information at this point, we wouldn’t overreact. Just follow your statements, and look for updates on the breach.
Chili’s certainly isn’t the first restaurant chain to announce such an incident recently. In what certainly appears to be a trend, Jason’s Deli, Applebee’s, and Zippy’s have all acknowledged similar payment card breaches this year.