Chick-fil-A Investigating Possible Data Breach

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

RyanSepe,
User Rank: Ninja
1/2/2015 | 10:57:55 AM

Re: Chick-Fil-A sustomers would be better off

The same can be said for many enterprises. Most are more likely to attempt reactive steps than be proactive and get onboard with the security initiative. That's where as security professionals we are tasked with providing value in proactive measures. To delineate why it is imperative to improve an enterprise security posture before an event ensues.

The enterprise ideology is equivalent to a child touching the stove. If they were to never be burnt during the process then without being taught why it is crucial not to touch the stove, there would be no reason for them to refrain from that action. In this case, if an enterprise has not been breached, in many cases, the enterprise has no burn factor and without outside intervention may see very little value in being proactive. Unfortunately with the organizations listed in this article it took them being burnt before realizing that there is value in employing security safeguards.

Reply | Post Message | Messages List | Start a Board

100%

Darth Nul,
User Rank: Strategist
12/31/2014 | 3:06:25 PM

Chick-Fil-A sustomers would be better off

if Chick-Fil-A spent their money on improving security rather than providing worthless "credit monitoring" services to affected customers.

Reply | Post Message | Messages List | Start a Board

50%

RyanSepe,
User Rank: Ninja
12/31/2014 | 12:01:39 PM

Re: Vigilance

I would be interested to see the protocols for pursuing this. Since most banks do have a fraud response program, I am curious if this turns out to be a breach if Chick-fil-A's step one will be ask client if they called their bank first.

Reply | Post Message | Messages List | Start a Board

50%

Kelly Jackson Higgins,
User Rank: Strategist
12/31/2014 | 11:44:16 AM

Re: Vigilance

Now you're making me hungry for lunch, @RyanSepe. =) Free credit monitoring services are a pretty standard offering by breached retailers.

One thing I noticed about Chick-fil-A: their PR folks were quick to respond to my query.

Reply | Post Message | Messages List | Start a Board

100%

RyanSepe,
User Rank: Ninja
12/31/2014 | 11:38:32 AM

Vigilance

I knew there was a reason I liked Chick-fil-A. Other than their delcious sandwiches. It is good to see that a company is being vigilant to determine if they were part of a breach as well as providing a means of protection against fraudelant activity related to the breach.

Did any of the other retailers that had confirmed breaches in the previous years offer similar services?

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

US Turning Up the Heat on North Korea's Cyber Threat Operations

Jai Vijayan, Contributing Writer, 9/16/2019

MITRE Releases 2019 List of Top 25 Software Weaknesses

Kelly Sheridan, Staff Editor, Dark Reading, 9/17/2019

Preventing PTSD and Burnout for Cybersecurity Professionals

Craig Hinkley, CEO, WhiteHat Security, 9/16/2019

Live Events

Webinars

[Video] Shaping the Future of IT CIO Lightning Series - Interop19

[Video] An (Ir)rational Approach to Interoperability - Interop19

Enterprise Connect Conference & Expo 2020 - Registration Now Open!

More Informa Tech Live Events

White Papers

Password Remediation Playbook

9 Ways Cybercriminals Disrupt Business Operations

[Guide] Calculating the Cost of Ransomware

2019 State of the Internet/Security: Financial Services Attack Economy

What's the Answer to the Vulnerability Overload Problem?

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: Can we make sure my computer's camera is off? I feel like I am being watched.

Cartoon Archive

Current Issue

7 Threats & Disruptive Forces Changing the Face of Cybersecurity

This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The State of IT Operations and Cybersecurity Operations

Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Here’s some insight on what's working – and what isn't – in the data center.

Download Now!

How Enterprises Are Developing Secure Applications

0 comments

The State of Cyber Security Incident Response

0 comments

How Enterprises Are Attacking the Cybersecurity Problem

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2019-9717
PUBLISHED: 2019-09-19

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.

CVE-2019-9719
PUBLISHED: 2019-09-19

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.

CVE-2019-9720
PUBLISHED: 2019-09-19

CVE-2019-16525
PUBLISHED: 2019-09-19

An XSS issue was discovered in the checklist plugin before 1.1.9 for WordPress. The fill parameter is not correctly filtered in the checklist-icon.php file, and it is possible to inject JavaScript code.

CVE-2019-9619
PUBLISHED: 2019-09-19

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Terms of Service
Privacy Statement
Legal Entities