I want my data back data back data back
As if the ribs aren't insulting enough, the popular restaurant, Chili's, has announced that they are victims of a data breach.
What We Know
- The incident was discovered on May 11
- The incident was disclosed on May 12
- It is believed that malware was used to exfiltrate the Data
- The breach occurred and was limited to between March and April of 2018
- Names and Credit Card data was extracted
- Social Security numbers, dates of birth, and federal and state ID numbers were not extracted by the attackers
- Chili's is working with a digital forensics team to investigate the scope of the breach
Open Questions
- How many Chili's customers were effected?
- Which Chili's locations were effected?
- In which systems did the breach occur?
- What type of malware was used?
- When will we know more?
Here is a link to the press release issued by Chili's parent company, Brinker International. Additional information will continue to be posted as it becomes available. Even though Chili's has provided very little information besides the acknowledgement that there was a breach, it appears that they informed the public almost as soon as they learned of the breach. This is a step in the right direction. We have seen too many incidents where companies learn of a breach, but fail to acknowledge the breach with the public until many months or even years after discovery. This leaves the public in the dark and unnecessarily at risk. Hopefully Brinker will follow up quickly with more details regarding the scope of the attack so that the people who are effected can take steps to protect their credit.