If you used a credit card or debit card to purchase anything recently at Chipotle Mexican Grill, you could be a victim of credit card fraud or identity theft. Chipotle is working with authorities to identify customers at risk.
At issue is what Chipotle calls “malware” designed to steal information from customer credit cards and debit cards at certain Chipotle and Pizzeria Local restaurants, between March 24, 2017 and April 18, 2017, including the cardholder’s name, card number, expiration date and internal verification code.
SEE ALSO
Target credit card security breach
Jimmy John’s credit card security breach
See our Scam Alert page for all the latest frauds and warnings
Chipotle says there is “no indication that other customer information was affected”, and its lawyers further sanitize potential credit card fraud and identity theft issues with the boilderplate that customers “should remain vigilant to the possibility of fraud by reviewing their payment card statements for any unauthorized activity. Customers should immediately report any unauthorized charges to their card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner”.
Checking your credit card bill carefully each month is good common sense whether or not you are a Chipotle customer. I’ve found all kinds of fraudulent charges over the years that way.
Mostly, they are small ones, the size of a Chipotle lunch or dinner, which are more likely to be missed than something with more zeros. You lose a few bucks while the scammer makes thousands from all those who don’t bother to check their monthly statements.
- Credit card tip: I require my credit card issuers to send me a paper statement each month, so I have a paper record of my charges. Over the years, I’ve found it more reliable to report or dispute a charge when I have a paper trail.
Chipotle and Pizzeria Locale websites have the specific “time frames” of the credit card breach on special microsites www.chipotle.com/security and www.pizzerialocale.com/security, respectively. Not all locations were involved, and the specific time frames vary by location, as Chipotle discovered by working with cyber security firms, law enforcement and payment card networks once they were aware of the breach.
This is not the first credit card scam, and it won’t be the last.
Unfortunately for Chipotle, it comes just as the fast casual chain was recovering from the widespread outbreak in 2016 of Salmonella and E coli poisonings at many of its restaurants nationwide.
What do you think? We value your comments and love hearing from you.