Chick-fil-A is investigating a cyberattack that reportedly hacked customer accounts, exposing personal user data.
“We are investigating suspicious activity on some customer accounts,” a statement on the fast food giant’s website reads.
“We are committed to protecting customers’ data and are working quickly to resolve the issue.”
Twitter user and cybersecurity researcher, Dominic Alvieri, was among the first to notice the company’s warning message, stating that “this has not been handled well.”
Chick-fil-A has not released any information on how the accounts may have been hacked, or what information may have been accessed. The company instead resorted to a generic help page (opens in new tab) detailing what its customers should do in the event of suspicious activity.
It urges customers to remain vigilant in protecting their personal information, including immediately resetting their passwords, removing any stored payment method details like credit card information, and reviewing data like email addresses and phone numbers.
With the investigation seemingly ongoing, Chick-fil-A asks that its customers dispute any unauthorized transactions with their banking institutes.
The incident follows recent reports (opens in new tab) that hackers had been using disposable email addresses to hijack legitimate accounts, leading to accounts being advertised for sale at various prices up to $200, depending on account balance, linked payment details, and Chick-fil-A rewards points.
On January 4 2023, the company took to Twitter (opens in new tab) to announce that the attacks were still being investigated, and that “this is not due to a compromise of Chick-fil-A Inc.’s internal systems.”
Concerned customers can contact Chick-fil-A CARES online, or by calling 1-866-232-2040.
TechRadar Pro is waiting to hear back from the company with regards to how customers’ data has been compromised and what the company is doing in response.