SECURITY/RISK

Chipotle Mexican Grill is coming clean about a cyber-attack that targeted the chain last month.   An extensive investigation lead by leading cyber security firms, law enforcement and the payment card networks revealed that malware accessed payment card data used at point-of-sale (POS) devices at certain Chipotle and Pizzeria Locale restaurants between March 24 and April 18. Not all locations were involved, and the specific timeframes vary by location, according to the chain.  

Target Corp. has resolved its 2013 data breach with a deal that represents the largest multi-state data breach settlement in history.   The retailer agreed to pay a total of $18.5 million to settle the case. The money will go to 47 states and the District of Columbia, with California receiving the largest share of  the settlement, more than $1.4 million.    

Brooks Brothers is the latest victim of a data breach.   According to the specialty retailer, an unauthorized individual installed malicious software designed to capture payment card information on some of the chain’s payment processing systems. The software compromised payment card information across some purchases made at certain Brooks Brothers and Brooks Brothers Outlet retail locations in the United States and Puerto Rico.  

Manual security remains prominent among North American retailers despite a predicted increase in fraud related to card not present (CNP) transactions.