Newsroom

KrebsOnSecurity reports that CiCi's Pizza, a Texas-based restaurant chain with more than 500 locations in 35 states, has been hit by a credit card data breach.

Krebs said it appears hackers stole credit card data from certain restaurants "by posing as technical support specialists for the company's point-of-sale provider." Krebs noted that more than six financial institutions had contacted the blog with concerns about CiCi's after detecting a pattern of fraud on cards that had been used there during the last few months.

CiCi's told Krebs that an outside public relations firm is handling "the issue."

Krebs also followed up a tip that the breach could have been connected to CiCi's POS provider Datapoint, which denied the connection and said that hackers had posed as specialists from multiple POS providers.

NAFCU continues to push for a strong national data security standard for retailers through the "Data Security Act" (H.R. 2205/S. 961), which would hold retailers to the same standards credit unions already follow under the Gramm-Leach-Bliley Act and institute consumer notification requirements.