Chick-fil-A fast-food chain investigates reports of hacked online customer accounts and loyalty program fraud
Chick-fi-A says it’s actively investigating reports of fraud hitting some of its Chick-fil-A One® member accounts.
The company emphasized that no internal servers have been compromised and that it’s committed to protecting its customers.
“Chick-fil-A is aware of suspicious activity on some of our customers’ Chick-fil-A One® accounts,” the company explained in a tweet. “While we are still investigating what happened and how certain customers became subject to this fraudulent activity, this is not due to a compromise of Chick-fil-A Inc.’s internal systems. Chick-fil-A is committed to protecting our customers’ data and we are working quickly to resolve the issue. “
According to BleepingComputer, stolen loyalty member accounts were put up for sale online before Christmas, with prices ranging from $2 to $200, depending on the account balances.
Since then, dozens of internet users have confirmed that their accounts were compromised on social media platforms, including Reddit.
“Any idea how to get my account back? The email and password must of been changed,” one user said. “I can’t ‘reset password’ when I type my email in because (I’m assuming) they changed it.”
This could mean that Chick-fil-A account members were victims of a successful credential-stuffing attack that locked them out of their accounts and drained their loyalty points.
To report suspicious activity, users can dial the dedicated number 1-866-232-2040 and contact the fast-food restaurant chain online.
Steps customers can take to secure their accounts if they suspect misuse:
- Reset their Chick-fil-A account password using a unique combination of lower and capital letters, numbers and special characters
- Review account information including name, phone number and address, making sure that no information was changed
- Check any mobile orders placed fraudulently from their accounts. If unauthorized payments using loaded funds were spotted, immediately dispute them with the financial institution
- Remove any compromised stored payment methods from their accounts to avoid further misuse
Need help securing your digital identity and preventing fraud on your online accounts? We’ve got you covered!
Bitdefender Ultimate Security (US only) plans include award-winning anti-malware and anti-ransomware protection alongside handy tools and services to help you navigate the digital realm securely, including:
- A handy and cross-platform Password Manager that helps you generate and manage strong passwords, and identifies duplicate and leaked passwords so you can thwart credential-stuffing attacks and other security risks
- A reliable and fast PremiumVPN to ensure safe online navigation and improve your privacy with newly added anti-tracking and ad-blocker features
- Identity Theft Protection service that includes real-time fraud monitoring, data breach monitoring, credit report monitoring, fraud alerts, credit freeze and lost wallet assistance, and an insurance policy of up to $2 million, depending on your chosen plan
Non-US internet users can opt for Bitdefender’s Digital Identity Protection service that continuously monitors your personal information, alerting you in real-time to data breaches and leaks. This lets you immediately change your passwords and secure your accounts to prevent financial loss or even social media impersonation.
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022