myFICO® Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Credit card data breach at Chipotle

tag
Get Access Now
DeeBee78
Valued Contributor
‎04-26-2017 10:14 PM
‎04-26-2017 10:14 PM

Credit card data breach at Chipotle

https://consumerist.com/2017/04/26/chipotle-reveals-payment-system-data-breach-will-also-start-selli...

 

I noticed several months ago that Chipotle was still not PCI compliant, when I inquired about the lack of Apple and Android Pay.  

 

They're not using tokenized transactions with chip and signature, or external card readers that tokenize mag stripe-read card numbers.

 

The article mentions that they have taken several steps to secure their systems, but I don't think they're finished. I was just there last week. They're using the same old POS systems and no tokenized card acceptance methods. I would use cash there until they do. 

Message 1 of 7
6 REPLIES 6
Anonymous
Not applicable
‎04-27-2017 02:55 AM
‎04-27-2017 02:55 AM

Re: Credit card data breach at Chipotle

DeeBee78 great catch and write up! Glad we don't have one of their stores around here because they are just plain stupid!!!
Message 2 of 7
0 Kudos
Revelate
Moderator Emeritus
‎04-27-2017 03:29 AM
‎04-27-2017 03:29 AM

Re: Credit card data breach at Chipotle

Sigh.

 

I still own Chipotle stock, they just can't get out of their own way.  Then again if this depresses it again, might go pick up some more Smiley LOL




        
Message 3 of 7
Anonymous
Not applicable
‎04-27-2017 07:01 AM
‎04-27-2017 07:01 AM

Re: Credit card data breach at Chipotle

Good thing that I used cash the last time I went to Chipotle; I'm not sure whether my visit was in the period reported in the article, or before. At any rate, even if I don't use actual physical cash, I almost always use my debit card when visiting a restaurant (since my bill for a single person generally doesn't go higher than $15-$20 excluding tip, I don't really bother to use a credit card in those circumstances).

Message 4 of 7
0 Kudos
Anonymous
Not applicable
‎04-29-2017 10:58 AM
‎04-29-2017 10:58 AM

Re: Credit card data breach at Chipotle

@DeeBee78 wrote:

https://consumerist.com/2017/04/26/chipotle-reveals-payment-system-data-breach-will-also-start-selli...

 

I noticed several months ago that Chipotle was still not PCI compliant, when I inquired about the lack of Apple and Android Pay.  

 

They're not using tokenized transactions with chip and signature, or external card readers that tokenize mag stripe-read card numbers.

 

The article mentions that they have taken several steps to secure their systems, but I don't think they're finished. I was just there last week. They're using the same old POS systems and no tokenized card acceptance methods. I would use cash there until they do. 

You can be PCI compliant without EMV and tokenization. (For now, at least.)

 

Having the terminal be separate from the POS does help with security, however.

Message 5 of 7
0 Kudos
Anonymous
Not applicable
‎05-06-2017 01:09 PM
‎05-06-2017 01:09 PM

Re: Credit card data breach at Chipotle

Interesting. THanks for the tip

Message 6 of 7
0 Kudos
Anonymous
Not applicable
‎05-09-2017 08:18 PM
‎05-09-2017 08:18 PM

Re: Credit card data breach at Chipotle

My secured card company sent me a letter today saying my card could have been compromised, and we were at Chipitle between the dates listed so they canceled my card and are sending me a new one 😒 thanx chipotle👌
Message 7 of 7
0 Kudos
Advertiser Disclosure: The offers that appear on this site are from third party advertisers from whom FICO receives compensation.