US banks trace credit fraud to Chick-fil-A locales in possible data breach

Several US financial institutions have discovered a pattern of credit card fraud in accounts used at different Chick-fil-A locations across the US, according to KrebsOnSecurity.

Veteran security reporter Brian Krebs writes that Chick-fil-A received similar reports and is now working with authorities in an ongoing investigation to determine whether there was a data breach. The site first heard of the potential compromise in November, but a major credit association issued an alert late this month that confirmed the situation. "Just before Christmas, one of the major credit card associations issued an alert to several financial institutions about a breach at an unnamed retailer that lasted between Dec. 2, 2013 and Sept. 30, 2014," Krebs noted.

If the fraud is due to a data breach, Information Week reports that Chick-fil-A will absolve affected customers of fraudulent charges and offer them free credit monitoring services. "If the investigation reveals that a breach has occurred, customers will not be liable for any fraudulent charges to their accounts," the company said in a statement. "Any fraudulent charges will be the responsibility of either Chick-fil-A or the bank that issued the card. If our customers are impacted, we will arrange for free identity protection services, including credit monitoring."

Read 2 remaining paragraphs | Comments

Feds: Sony hackers’ next target will be an unnamed news organization

Guardians of Peace, the hacker group that targeted Sony Pictures over its film, The Interview, has apparently also threatened to hack an unnamed "news media organization," according to a bulletin from the FBI and the Department of Homeland Security (DHS).

The document, dated December 24, 2014, was first published by The Intercept on Wednesday. The FBI did not immediately respond to Ars’ request for comment.

Referring to Sony Pictures as USPER1 (US Person 1), the bulletin reads:

Read 3 remaining paragraphs | Comments