Several US financial institutions have discovered a pattern of credit card fraud in accounts used at different Chick-fil-A locations across the US, according to KrebsOnSecurity.
Veteran security reporter Brian Krebs writes that Chick-fil-A received similar reports and is now working with authorities in an ongoing investigation to determine whether there was a data breach. The site first heard of the potential compromise in November, but a major credit association issued an alert late this month that confirmed the situation. "Just before Christmas, one of the major credit card associations issued an alert to several financial institutions about a breach at an unnamed retailer that lasted between Dec. 2, 2013 and Sept. 30, 2014," Krebs noted.
If the fraud is due to a data breach, Information Week reports that Chick-fil-A will absolve affected customers of fraudulent charges and offer them free credit monitoring services. "If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts," the company said in a statement. "Any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring."