In March, Chick-Fil-A served up a not-so-delicious announcement, revealing a “fowl” play data breach on their mobile app, which "fried" the personal details of approximately 2% of their app-loving patrons. The company discovered the breach when they noticed unusual login activity occurring within an internal account, and immediately took steps to isolate the incident and fortify against further attacks.
It is good that the company pecked away at the problem when they spotted unusual login activity, swiftly isolating the breach and fortifying their digital coop. However, customers have filed a class action lawsuit stating that the company took two months to notify them of the breach, potentially violating their rights.
It was reported that the hackers were able to perpetrate the breach using a technique called credential stuffing that relies on using related passwords and email addresses to crack into accounts. These credentials were collected from a third party, which has yet to be identified. (This makes the situation even “cluckier”...)
As of right now, it is reported that around 71,000 Chik-Fil-A mobile app customers may have had their personal data exposed and… laid bare. Following their acknowledgement of the data breach, Chick-Fil-A sent out a letter to app users who may have been impacted. If you did not receive this letter but believe that your personal data may have been compromised due to the Chick-Fil-A data breach, take immediate action to protect your data and reach out to the company with your concerns. Don’t just sit there roosting!
In addition to the risk of identity theft, phishing and other criminal hacking methods, some people whose accounts became vulnerable due to the data breach also lost the monetary balance they had on their Chick-Fil-A membership accounts. (You could say that they found their Chick-Fil-A wallet balance, well, plucked clean…)
According to Chick-Fil-A, mobile app customers may have had the following data exposed:
If you received a notification that your data was leaked due to the Chick-Fil-A data breach, you should immediately change the credentials related to your account. Don’t chicken out! Act swiftly:
Cloaked can help prevent situations like this by allowing you to create new, secure credentials for every account. We ensure that not all of your data eggs are in one basket. By creating diversified, secure credentials for every account, we make it tough for hackers to make a meal out of your information. Don’t wait for another fowl play. Click here to start using Cloaked today.