Pierluigi Paganini January 07, 2023

American fast food restaurant chain Chick-fil-A informed its customers of having launched an investigation into “suspicious activity.”

Chick-fil-A is an American fast food restaurant chain, it is the country’s largest which specializes in chicken sandwiches.

The company informed its customers of having launched an investigation into “suspicious activity on some customer accounts.”

“We are investigating suspicious activity on some customer accounts,” reads a statement from the company. “While we are still investigating how certain customers became subject to this fraudulent activity, we have already taken precautions to further secure the affected member accounts and are continuing to review the situation and enhance our security protocols where appropriate.”

Chick-Fil-A has suspended the creation of new accounts and is prohibiting the use of disposable email addresses.

Customers are recommended to Immediately reset their Chick-fil-A One account password. The company also recommends using a unique, complex password that is not associated with any of the users’ other online accounts. This password should be one that is unique to your Chick-fil-A One account. 

The company also recommends users of removing any stored payment methods (e.g. credit or debit cards) from their Chick-fil-A One account.

According to BleepingComputer, threat actors are selling some of the stolen accounts for $2 to $200, depending on the account balance, linked payment method, or Chick-fil-A One points (rewards points) balance.

Some customers reported on social media that their accounts have been hacked.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, food)

[adrotate banner=”5″]

[adrotate banner=”13″]