Chipotle discloses possible data breach
The company announced it recently detected unauthorized activity on the network that supports its payment system in restaurants, but believes it has stopped the activity. Furthermore, the investigation is focused on restaurant transactions between March 24 and April 18, 2017, and the company would not provide further details since the investigation is still going on.
A Chipotle representative said the company has notified card networks, which notifies issuing banks, which in turn notifies customers.
Sándor Bálint a security specialist commented on this and added that this incident is a reminder of the fundamental problem about credit card payments, that they are the source of a host of security issues and very difficult and costly to secure. The problem is that a sequence of characters, the card number, is used as an identifier, but this same sequence (when combined with the expiration date and the card security number) is sufficient to make financial transactions on behalf of the cardholder, therefore the known number is also treated as a secret.
The Paypers is the Netherlands-based leading independent source of news and intelligence for professional in the global payment community.
The Paypers provides a wide range of news and analysis products aimed at keeping the ecommerce, fintech, and payment professionals informed about the latest developments in the industry.
Current themes
No part of this site can be reproduced without explicit permission of The Paypers (v2.7).
Privacy Policy / Cookie Statement
Copyright