WASHINGTON — Chipotle is releasing the findings of its internal investigation into a security breach that affected customers in Maryland.
The cyberattack hit more than 2,250 Chipotle stores on March 24, affecting customers through April 18.
Following its internal investigation, Chiptole reports hackers stole customer payment data, including account numbers and internal verification codes, which, it says in a statement, could be used to empty checking accounts or clone credit cards.
The company suggests customers verify whether they made any purchases during that time frame and look for suspicious financial activity in their accounts.
The company urges consumers to reach out to the Maryland attorney general’s office for guidance, as well.
Christine Tobar from Attorney General Brian Frosh’s office said consumers are welcome to call but will probably find tips on the office’s website helpful in protecting their identity.