Chili’s Restaurants

Chili’s Restaurants



Small Business Risk: High (Malware/ Forensics, Brand Reputation/ Loyalty)

Exploit: Malware-based Point of Sale Exploit

Risk to Individuals: Moderate (Replacement of Credit/ Debit Cards with limited liability)

What you need to know: Small business retailers should take the time to educate themselves on POS exploits and how they typically occur. Since most systems do not reside within the traditional network environment, processing systems are most commonly exploited via compromised trusted 3rd party vendors, common credential stuffing and exploit kits delivered via email.

Date Occurred/Discovered: March-April 2018 / Discovered 5/11/18

Date Disclosed: 5/14/18

Data Compromised Preliminary investigation indicates that malware was used to gather payment card information, including credit and debit card numbers, as well as names of cardholders who made in-restaurant purchases.

How it was Compromised: Malware

Customers Impacted: Chili’s has not disclosed the restaurants impacted and/or the number of customers impacted.

Attribution/Vulnerability: Undisclosed at this time.