Chick-fil-A fast-food chain investigates reports of hacked online customer accounts and loyalty program fraud


January 09, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Chick-fil-A fast-food chain investigates reports of hacked online customer accounts and loyalty program fraud

Chick-fi-A says it’s actively investigating reports of fraud hitting some of its Chick-fil-A One® member accounts.

The company emphasized that no internal servers have been compromised and that it’s committed to protecting its customers.

“Chick-fil-A is aware of suspicious activity on some of our customers’ Chick-fil-A One® accounts,” the company explained in a tweet. “While we are still investigating what happened and how certain customers became subject to this fraudulent activity, this is not due to a compromise of Chick-fil-A Inc.’s internal systems. Chick-fil-A is committed to protecting our customers’ data and we are working quickly to resolve the issue. “

According to BleepingComputer, stolen loyalty member accounts were put up for sale online before Christmas, with prices ranging from $2 to $200, depending on the account balances.

Since then, dozens of internet users have confirmed that their accounts were compromised on social media platforms, including Reddit.

“Any idea how to get my account back? The email and password must of been changed,” one user said. “I can’t ‘reset password’ when I type my email in because (I’m assuming) they changed it.”

This could mean that Chick-fil-A account members were victims of a successful credential-stuffing attack that locked them out of their accounts and drained their loyalty points.

To report suspicious activity, users can dial the dedicated number 1-866-232-2040 and contact the fast-food restaurant chain online.

Steps customers can take to secure their accounts if they suspect misuse:

  • Reset their Chick-fil-A account password using a unique combination of lower and capital letters, numbers and special characters
  • Review account information including name, phone number and address, making sure that no information was changed
  • Check any mobile orders placed fraudulently from their accounts. If unauthorized payments using loaded funds were spotted, immediately dispute them with the financial institution
  • Remove any compromised stored payment methods from their accounts to avoid further misuse

Need help securing your digital identity and preventing fraud on your online accounts? We’ve got you covered!

Bitdefender Ultimate Security (US only) plans include award-winning anti-malware and anti-ransomware protection alongside handy tools and services to help you navigate the digital realm securely, including:

  • A handy and cross-platform Password Manager that helps you generate and manage strong passwords, and identifies duplicate and leaked passwords so you can thwart credential-stuffing attacks and other security risks
  • A reliable and fast PremiumVPN to ensure safe online navigation and improve your privacy with newly added anti-tracking and ad-blocker features
  • Identity Theft Protection service that includes real-time fraud monitoring, data breach monitoring, credit report monitoring, fraud alerts, credit freeze and lost wallet assistance, and an insurance policy of up to $2 million, depending on your chosen plan

Non-US internet users can opt for Bitdefender’s Digital Identity Protection service that continuously monitors your personal information, alerting you in real-time to data breaches and leaks. This lets you immediately change your passwords and secure your accounts to prevent financial loss or even social media impersonation.




Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.

View all posts

You might also like