Chick-Fil-A Data Breach 2023: What Happened, Who Was Affected, and Steps to Protect Yourself

The Chick-Fil-A Data Breach:  

‍

In March, Chick-Fil-A served up a not-so-delicious announcement, revealing a “fowl” play data breach on their mobile app, which "fried" the personal details of approximately 2% of their app-loving patrons. The company discovered the breach when they noticed unusual login activity occurring within an internal account, and immediately took steps to isolate the incident and fortify against further attacks.

‍

It is good that the company pecked away at the problem when they spotted unusual login activity, swiftly isolating the breach and fortifying their digital coop. However, customers have filed a class action lawsuit stating that the company took two months to notify them of the breach, potentially violating their rights.

‍

It was reported that the hackers were able to perpetrate the breach using a technique called credential stuffing that relies on using related passwords and email addresses to crack into accounts. These credentials were collected from a third party, which has yet to be identified. (This makes the situation even “cluckier”...)

‍

Extent and impact of the Chick-Fil-A Data Breach on consumers

‍

As of right now, it is reported that around 71,000 Chik-Fil-A mobile app customers may have had their personal data exposed and… laid bare. Following their acknowledgement of the data breach, Chick-Fil-A sent out a letter to app users who may have been impacted. If you did not receive this letter but believe that your personal data may have been compromised due to the Chick-Fil-A data breach, take immediate action to protect your data and reach out to the company with your concerns. Don’t just sit there roosting!

‍

In addition to the risk of identity theft, phishing and other criminal hacking methods, some people whose accounts became vulnerable due to the data breach also lost the monetary balance they had on their Chick-Fil-A membership accounts. (You could say that they found their Chick-Fil-A wallet balance, well, plucked clean…)

‍

What personal data was leaked and exposed in the breach?

‍

According to Chick-Fil-A, mobile app customers may have had the following data exposed:

‍

• First and last name
• Email addresses
• Phone numbers associated with the account
• Account numbers
• Chick-Fil-A account balances (which could’ve bought a lot of nuggets…)
• Masked credit card numbers
• Chick-Fil-A membership information.

‍

Here’s what to do if you were impacted

‍

If you received a notification that your data was leaked due to the Chick-Fil-A data breach, you should immediately change the credentials related to your account. Don’t chicken out! Act swiftly:  

‍

• Update passwords and credentials across other important accounts.
• Enable two-factor authentication wherever possible (Remember, variety is the spice of life, and of chicken!)
• Implement credit and identity theft monitoring tools
• Contact Chick-Fil-A to notify them of any monetary balance lost on your account
• Educate yourself about phishing and other potential threats
• Reduce your digital footprint, so hackers can’t “wing” it with your data

‍

Cloaked can help prevent situations like this by allowing you to create new, secure credentials for every account. We ensure that not all of your data eggs are in one basket. By creating diversified, secure credentials for every account, we make it tough for hackers to make a meal out of your information. Don’t wait for another fowl play. Click here to start using Cloaked today.

‍

Helpful Links and Other Resources

‍

• To report identity theft
• To freeze your credit
• Related class action lawsuit(s)
• More information on how to protect your data online

‍