UNION COUNTY, NJ — If you used your credit or debit card at Chipotle in Downtown Westfield between March 26 and April 18, or in Clark between March 27 and April 18, you should check your card statements.
Chipotle Mexican Grill, Inc. is reporting new information regarding a security breach that occurred between those days at Chipotle locations nationwide. The Downtown Westfield Chipotle, located at 117 E. Broad St., and the Clark location at 1255 Raritan Rd. have been named as establishments affected.
The company confirms, “The investigation identified the operation of malware designed to access payment card data from cards used on point-of-sale (POS) devices at certain Chipotle restaurants.”
The company’s website goes on to state, “The malware searched for track data (which sometimes has cardholder name in addition to card number, expiration date and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the POS device.”
Patrons who visited Downtown Westfield’s Chipotle location anytime between the dates of March 26 and April 18 or or in Clark between March 27 and April 18, are encouraged to review their payment card statements. Any fraudulent activity should immediately be reported to your financial institution or card issuer for resolution, according to Chipotle. Unauthorized use of personal information should be reported to the New Jersey Attorney General’s office or Federal Trade Commission.
It is always recommended to monitor your personal statements for suspicious activity and fraudulent charges, the company said. For further questions regarding this payment card security breach, customers can contact Chipotle’s Incident Response Line at 888-738-0534.