If you’ve been using the Chick-fil-A app, you may have noticed a few suspicious transactions. The fast food chain says it is investigating.
According to security researcher BleepingComputer, over 71,000 customer accounts were breached in a credential stuffing attack before Christmas. Hackers then put them up for sale online for between $2 and $200, depending on the account balances.
Several Chick-fil-A customers in Georgia say someone hacked their app and is now swiping money from their linked bank accounts. The fast food chain says it’s aware of the issue and is looking into it as it happens. One customer, Kimberly Weot, reached out to 11 Alive after she noticed suspicious activity on her account Wednesday afternoon. She said someone changed her account email and then transferred money from her credit card. Weot told 11 Alive that she is a dedicated Chick-fil-A fan and is concerned for other people’s safety.
Affected Chick-fil-A app users can check out a support page on the company’s website to see if their information has been compromised. It will also tell them what to do if they have been impacted by the hacking. They are urging customers to change their passwords, freeze any funds loaded into their accounts, and remove payment information from their account if it has been affected by the hacking.
What you can do about it
Chick-fil-A is investigating a potential hack that may have exposed personal user data. While the company hasn’t said exactly what information was compromised, it is advising affected customers to change their passwords and remove any stored payment information. It also sent reward points to those impacted as a way of apologizing for the security incident.
Dedicated Chick-fil-A One app users reported that hackers got a hold of their account and transferred money from linked bank accounts. One customer, Kimberly Weot, even had someone change her account email address and use her unused points to make purchases. The good news is that if you’re a loyal customer, the chain will give you your money back (albeit it will take a while). For all of those Chick-fil-A app users out there, be sure to check your bank statement for any suspicious activity involving your credit card or a linked account.
What to do if you’re a victim
If you were one of the 71,000 Chick-fil-A One customers whose accounts were compromised, it’s important to change your password and remove any stored payment information from your account. This will help prevent future unauthorized access and reduce the likelihood of a cyberattack in the future.
A recent security alert on the chain’s website warns that hackers accessed customer accounts between Dec. 18 and Feb. 12 using credentials from a third party, allowing them to steal names, email addresses, masked credit/debit card numbers, and Chick-fil-A One membership information.
This is likely due to a credential-stuffing attack that may have left users’ usernames and passwords exposed, exposing them to threat actors. The restaurant is also reimbursing any customer who experienced fraudulent activity as part of its effort to repair the breach.
If you’re a Chick-fil-A One member and have any questions, visit the company’s support page to get more details on what to do if you believe your account has been hacked. It also lists what to do if you notice suspicious activities on your account or if you see mobile orders made from your account that you don’t recognize.
What to do if you’re not a victim
If you’re a loyal Chick-fil-A customer, you may have noticed some suspicious activity in your app. The company is investigating, and if you’re a victim, it’s worth a call to their hotline to see if they can get your account straightened out.
The chain has taken several steps to protect their customers, including requiring password resets and freezing funds in a handful of affected accounts. They also are offering a full refund to customers who had their credit cards stolen in the incident. And although the hack impacted less than 2% of the chain’s customers, it’s still something to be aware of if you use the Chick-fil-A app to make purchases. The restaurant has also vowed to increase its online security and monitoring, and is working with cybersecurity firms to identify any other issues that have surfaced. The company has also launched a multi-tiered fraud protection program. Check your credit cards and your bank statements, and be sure to use unique passwords for every website or app you use.
Visit also at Tech In Journal for more qaulity tech information.