Suspected data breach at CiCi’s Pizza exposes customer payment cards

CiCi’s Pizza, a Texas-based restaurant chain with more than 500 locations in 35 states, may have become a victim of cyber criminals who gained access to CiCi’s customer payment card information. CiCi’s has yet to confirm a data breach.

Reporter Brian Krebs writes that banks have found a pattern of credit card fraud that strongly suggests a payment systems breach at CiCi’s “in the last few months” and “at various locations.”

As with many of the recent large retailer data breaches, the point of entry for the breach was the point of sale terminal. But in this case, the criminals used a low-tech method of obtaining access to the sensitive material:

The data available so far suggests that hackers obtained access to card data at affected restaurants by posing as technical support specialists for the company’s point-of-sale provider, and that multiple other retailers have been targeted by this same cybercrime gang.

More details on this suspected breach on Krebs’ blog.

Get personalized data breach alerts when a business you’ve shopped at has been breached – and the most advanced identity theft protection ever created.