Chipotle data breach affected several Triangle-area locations
Posted May 27
Raleigh, N.C. — A nationwide data breach at Chipotle restaurants that targeted credit and debit card information hit several Triangle-area locations in March and April, the company said Friday.
The company said an investigation identified malware designed to access data from cards used at the restaurants' cash registers.
The malware searched for track data, which sometimes has the cardholder's name, card number, expiration date and internal verification code. The information is read from the magnetic stripe of a payment card as it is swiped.
Triangle-area locations affected are:
1081 Pine Plaza Dr., 27502 (March 27-April 18)
204 Crossroads Blvd., 27518 (March 27-April 18)
100 Wrenn Dr., 27511 (March 27-April 18)
301 West Franklin St. 27516 (March 25-April 18)
1490 Fordham Blvd, Suite 110, 27514 (April 11-April 18)
The Streets of Southpoint, 6910 Fayetteville Road, Suite 187, 27713 (March 26-April 18)
3219 Watkins Road, 27707 (March 26-April 18)
2608 Erwin Rd, Retail Space 17, 27705 (March 25-April 18)
1918 Skibo Road, Suite 102, 28314 (March 26-April 18)
1385 N. Main St., Suite 120, 27526 (April 11-April 18)
68 Eagle Wing Way, 27529 (April 11-April 18)
1516 Village Market Place, 27560 (March 26-April 18)
9504 Strickland Road, 27615 (March 27-April 18)
6602-3 Glenwood Ave., 27612 (March 27-April 18)
6102 Falls of Neuse Road, 27609 (March 25-April 18)
6081 Capital Blvd., 27616 (March 27-April 18)
2316 Hillsborough St., 27607 (March 26-April 18)
120 S Equity Dr., Suite A, 27577 (March 27-April 18)
In a news release, the company said anyone who used their cards at a Chipotle location during the specified time should look for any charges they did not make.
"Customers that used a payment card at an affected location during its at-risk time frame should remain vigilant to the possibility of fraud by reviewing their payment card statements for any unauthorized activity," the company said. "Customers should immediately report any unauthorized charges to their card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner."