Five Guys recently contacted customers to let them know that their personally identifiable information (PII) had been accessed in a data breach.
The letter that was sent to impacted consumers states that on September 17, 2022 the company identified a security incident. They explain that they immediately took steps to contain the activity. Following this they worked with a cybersecurity firm and law enforcement to investigate the situation.
It was determined on December 8, 2022 that the files that had been accessed contained the PII of those impacted. It is believed that some of the information accessed included names, Social Security numbers and driver’s license details.
The company has offered those affected credit monitoring and identity protection services. It is in the hope that these services will protect against the potential identity fraud they could face. They also state they have “taken steps to enhance our existing security measures” but there is no expansion on what these measures are. This isn’t the first time Five Guys has suffered a cyber attack. A previous data breach resulted in bank, TrustCo, filing a lawsuit against Five Guys for damages. The breach accessed card information and TrustCo were hit with over $100,000 worth of fraudulent charges.
It’s been noted that businesses like this, restaurants and food service outlets, will often deprioritize security in order to save some money. This is despite them collecting more and more data. With the increase of online services such as food ordering and delivery, reservation systems, HR databases they will be handling more data than ever before.
It’s clear that in the wake of this cyber attack the first priority was to investigate the breach. Following this the company will now be forced to pay a considerable amount for the security measures they decide to implement. As well as the services they have had to offer to the affected consumers to protect them against identity theft.
This is a perfect example of what we mean at Value Privacy when we say it costs less to protect your data than the alternative. Don’t leave yourself open to cyber attacks, contact us today.