Chick-fil-A Restaurants

American fast food business Chick-fil-A reported that a campaign of credential stuffing resulted in the compromising of the accounts of over 71000 users.

The business conducted an investigation into the incident with the aid of a forensic agency as soon as it became aware of the attack and took action to stop any additional unauthorized activities.

If the users had stored their phone numbers and addresses in their accounts, those details may have also been revealed, along with the month and day of their birthdays.

The business noted that the customer's credit card number's final four digits would have been all that were visible to unauthorized individuals.

Source: https://securityaffairs.com/143051/data-breach/credential-stuffing-chick-fil-a.html

"id": "CHI183381023",
"linkid": "chick-fil-a-restaurants",
"type": "Breach",
"date": "03/2023",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"