Chipotle Mexican Grill announced Friday that most of its locations were affected by a credit card breach in which customer payment information may have been stolen.
The breach affected the following Bergen and Passaic County locations:
- Clifton: 380 Route 3 West
- East Rutherford: 40 State Route 17
- Edgewater: 14 The Promenade
- Englewood: 10 Nathaniel Place
- Fort Lee: 134 Linwood Plaza
- Lodi: 170 Essex Street, 3
- Paramus: Garden State Plaza AND Route 4 West
- Ramsey: 1255 Route 17 South, Unit 3
- Wayne: 70 Willowbrook Blvd
An investigation identified malware that was used to access data from payment cards used on point-of-sale devices at certain Chipotle restaurants between March 24 and April 18.
The malware searched for data — which sometimes has cardholder name in addition to card number, expiration date, and internal verification code — from the magnetic stripe of a payment card when it was swiped.
There is no indication that other customer information was affected, and Chipotle has removed the malware at the approximately 2,250 restaurants.
Lists of affected Chipotle locations and time frames are available at www.chipotle.com/security . Not all locations were involved, and the time frames vary by location.
Customers with questions can visit www.chipotle.com/security or call 1-888-738-0534 from 9 a.m. to 9 p.m. weekdays and 9 a.m. to 5 p.m. weekends.
Click here to sign up for Daily Voice's free daily emails and news alerts.