The fast-food chain Chick-fil-A has confirmed that it was the victim of a recent data breach.
The breach, reported by security writer Brian Krebs this week on his Krebs on Security blog, came to the restaurant chain's attention after several financial institutions found transactions at Chick-fil-A to be the common thread between credit card fraud cases. Chick-fil-A says that law enforcement has begun an investigation into the incidents.
Customer data was stolen from December 2013 through September 30, 2014, according to the report.
A source at one financial institution told Krebs that its exposure to the breach is higher than to the high-profile Target retail chain data breach earlier this year, with nearly 9,000 customer cards at risk.
The restaurant chain released a comment saying it had "recently received reports of potential unusual activity," and that Chick-fil-A is "working with leading IT security firms, law enforcement and our payment industry contacts to determine all of the facts."