Chipotle Mexican Grill has issued a security incident report noting that it spotted "unauthorized activity" surrounding its payment processing system over a period of at least three weeks.
The possible breach involves credit and debit card transactions at Chipotle restaurants from March 24 to April 18, according to the restaurant chain. Chipotle noted that its investigation is still continuing, and more details may later emerge.
"We recently detected unauthorized activity on the network that supports payment processing for purchases made in our restaurants. We immediately began an investigation with the help of leading cyber security firms, law enforcement, and our payment processor. We believe actions we have taken have stopped the unauthorized activity, and we have implemented additional security enhancements," Chipotle said in a statement.
The security incident is the latest woes for the Mexican restaurant chain. In 2015, an E. Coli outbreak emerged at its restaurants in several states and contributed to its first annual decline in sales, according to a Fortune report.
Read more about Chipotle's incident report here.