Chili’s launches crisis response after data breach
Chili’s Grill & Bar customers might still be paying for their last
The restaurant chain recently suffered a data breach that compromised
customers’ credit and debit card numbers and cardholder names—but it’s
doing what it can to foster trust and help protect its brand reputation.
On Saturday, Brinker International—the parent company of Chili’s and
Maggiano’s Little Italy—announced the incident
in its newsroom. The release read, in part:
On May 11, 2018, we learned that some of our Guests’ payment card
information was compromised at certain Chili’s restaurants as the result of
a data incident. Currently, we believe the data incident was limited to
between March – April 2018; however, we continue to assess the scope of the
incident. We deeply value our relationships with our Guests and sincerely
apologize to those who may have been affected.
We immediately activated our response plan upon learning of this incident.
We are working with third-party forensic experts to conduct an
investigation to determine the details of what happened. Below is
information on how you can protect yourself and your information.
We are working diligently to address this issue and our priority will
continue to be doing what is right for our Guests. We are committed to
sharing additional information on this ongoing investigation with our
Guests as we learn more.
The theft, according to Brinker’s analysis so far, was limited in both
severity and scale. Only credit and debit card data, including customer
names, was compromised—luckily, Chili’s doesn’t ask for your social
security number or date of birth when they sell you a burger. The chain
also says only “certain” restaurants were impacted, and only in March and
April of 2018, though they are still working with security experts to
evaluate the incident.
Join us in Washington, D.C. for the Leadership and ExecutiveCommunicators Conference.]
Chili’s shared its announcement on its Facebook and Twitter profiles, too:
On May 11 we learned that some of our Guests’ payment card information from certain restaurants was compromised. We value our relationship with our Guests and are committed to sharing details as we know more here: https://t.co/xWnJ1a7Auy
— Chili’s Grill & Bar (@Chilis) May 12, 2018
The restaurant chain’s social media team has been
replying to customers’ tweets
and Facebook replies (even though most of the answers direct consumers to
its newsroom for more information).
Perhaps the restaurant has taken notes from other organizations’ data
breaches: Chili’s response has been swift and thorough.
The announcement of the breach came just a day after Brinker says it
discovered it, and just a few weeks after it reportedly occurred. That’s a
marked improvement over some recent reactions to much more widespread data
breaches, including Facebook’s decision to inform neither users nor the
Federal Trade Commission
about the leak of user data in the Cambridge Analytica scandal until it was
discovered by reporters. While U.S. states have a
patchwork of laws
requiring notification of a data breach, no federal standard is in place.
In Brinker’s newsroom, the company provides an overview the incident, along
with the information that was compromised and what it’s doing to
investigate, inform customers and rectify the situation. The page also
offers viewers a frequently asked questions section, which covers when the
event occurred, whether it’s safe to currently use cards at Chili’s (it is)
and advice for customers to prevent fraud.
What do you think of Chili’s crisis response, PR Daily readers?