Chili’s has suffered a data breach that may have compromised customers’ credit card information.
The restaurant chain’s parent company Brinker International made the announcement on Saturday (May 12), just one day after discovering that malware on some locations’ payment systems may have harvested customers’ credit card information.
“Currently, we believe the data incident was limited to between March – April 2018; however, we continue to assess the scope of the incident,” the company wrote in a press release. “While the investigation is still ongoing, we believe that malware was used to gather payment card information, including credit or debit card numbers and cardholder names, from our payment-related systems for in-restaurant purchases at certain Chili’s restaurants.”
Once the incident was discovered, Brinker immediately activated a response plan and notified law enforcement. The company added that it’s also working with third-party forensic experts to investigate how the incident took place, as well as exactly which locations were affected by the breach.
“We are working to provide fraud resolution and credit monitoring services for those guests who may have been impacted.”
In the meantime, Brinker encourages its customers to keep an eye on their debit and credit card accounts to check for any fraudulent activity.
One positive note: The company pointed out that Chili’s does not collect certain personal information such as social security number, full date of birth, or federal or state identification number, from guests — so there is no need to worry that this personal information was compromised.
“We deeply value our relationships with our guests and our priority remains doing what is right for them,” the company stated. “We are committed to sharing additional information on this ongoing investigation.”
Chili’s is the flagship brand of Dallas-based Brinker, with more than 1,600 locations in 31 countries and two territories. Brinker also owns and operates Maggiano’s Little Italy.