Chick-fil-A acknowledges customer account abuse but denies compromise of internal systems

Chick-fil-A is warning customers about suspicious activity after dozens of people took to social media to report that their accounts had been accessed and used to make orders.

A spokesperson directed The Record to a statement posted on Twitter on Friday, where the restaurant chain said it is investigating the issue. 

“Chick-fil-A is aware of suspicious activity on some of our customers' Chick-fil-A One accounts. While we are still investigating what happened and how certain customers became subject to this fraudulent activity, this is not due to a compromise of Chick-fil-A Inc.'s internal systems," the company said.  

The company said it is working to resolve the issue and provided a number that customers can call if they find any suspicious activity. 

The fast food giant posted a similar message on its website and directed customers to several pages where they suggested people reset their Chick-fil-A One account password and dispute any charges with their bank. 

If mobile orders were placed fraudulently from someone’s Chick-fil-A One account, the restaurant urged them to contact customer service, adding that their internal team will investigate and may follow-up with more information. 

On Twitter and Reddit, several customers reported that someone had hacked into their accounts and used the points they had accrued to make orders. Others said money was loaded into their Chick-fil-A One accounts from their bank accounts and used to make orders. 

Others said hackers took over their accounts and changed the affiliated email address so as to avoid customers receiving notifications about withdrawals from their bank accounts. 

A researcher told BleepingComputer that there is evidence that hackers are selling stolen accounts on cybercriminal marketplaces for $2-$200, with the price of the accounts based on how much money was already in it, whether a bank account was linked, or how many reward points the account already had. 

The incident comes days after international food chain Five Guys announced its own data breach involving employment files accessed on September 17, 2022. 

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Jonathan Greig

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.