News

Crack Shack reports security breach

January 27, 2020

The Crack Shack, which has six locations in California, reported a security breach Jan. 17 a store in Encinitas, which could affect customers's using their cards there between Aug. 19, 2018 and Sept. 23, 2019.

The fast casual brand said when it was alerted to unusual activity relating to payment cards it immediately contacted law enforcement and third-party forensic experts to investigate this activity.  The investigation found that payment card information may have been accessed as a result of the installation of malware on a server used to process payment card data at the Encinitas location, according to a company press release. The information included in magnetic stripe track data such as name, card number, expiration date, and/or CVV may have been involved in this incident, but printed security features, such as CVC2/CVV2 were not affected. 

"The Crack Shack takes the security and confidentiality of its customers' information very seriously," according to the release that also said the brand has removed the affected server from its network and began using a new server. It has also deployed tools to monitor its network for suspicious activity and reported the incident to Visa, MasterCard, Discover and American Express. 

Customers should remain vigilant against identity theft by reviewing their financial account statements regularly and monitoring their credit reports for suspicious activity, according to the company. They should immediately report any unauthorized charges to their card issuer.  The phone number to call can be found on the back of the credit or debit card or on the issuer's website.