Itching for some chicken? Apparently a few hackers were too.
Popular fast food restaurant chain Chik-fil-A recently said it was investigating reports of "suspicious activity" on customer accounts.
Dominic Alvieri, a cybersecurity analyst and security researcher, was one of the first to share this information on social media:
The breach that he mentions apparently involves customer accounts and loyalty points. In the last week or so, several customers took to the internet to share their story of what happened to their CFA account. Many stories look like this one from Reddit:
Imagine this customer's pain when they realized 20,000 points had disappeared! After enough reports from customers came in, Chik-fil-A shared this message on Twitter, noting that this was not caused by a breach of internal systems:
Bleeping Computer reported on this situation, sharing that it had notified the company of "reports that Chick-fil-A user accounts were being breached in credential-stuffing attacks" weeks before this message on Twitter.
The compromised accounts appear to be for sale on the Dark Web at way less than actual value, as this image below shows:
Chik-fil-A is advising customers who believe they are experiencing suspicious activity to change their passwords and remove any stored payment methods from their Chick-fil-A One accounts. More information on what customers should do can be found here.
Follow SecureWorld News for more stories related to cybersecurity.
