Chili’s data breach: Here’s what we know so far


Restaurant chain Chili’s has announced that a portion of its restaurants were affected by a newly discovered data breach for about two months earlier this spring.

No word yet on exactly how many people are involved in this breach or which individual restaurants were impacted, though details are still emerging.

RELATED: Restaurant apocalypse —600+ chain restaurants closing in 2018

Chili’s reveals data breach

On May 11, Brinker International — the parent company of Chili’s Grill & Bar — disclosed that malware was discovered on some of its payment-related systems. It’s believed that the malware was active between March and April of 2018 at select restaurants.

The info that was captured is believed to have been limited to the credit or debit card numbers and cardholder names of some customers.

The breach is not expected to be as wide-reaching as some other recent ones, like Equifax. That’s because Chili’s doesn’t collect really key identity info such as your Social Security number, full date of birth and or federal or state identification number.

That said, a third-party forensic expert is currently investigating and more developments in this story are expected.

Brinker International also owns Maggiano’s Little Italy, but that chain remains unaffected at this time.

What should you do next? 

Like all corporations that face a breach, Brinker is promising fraud resolution and credit monitoring services for all affected guests. Unfortunately, that’s insufficient to really protect you.

Chili’s parent company is also informing the public about the urgency of doing a credit freeze if you haven’t already done one — and that’s the real key to protection here.


Money expert Clark Howard has long talked about doing a credit freeze as your immediate next step anytime you’re involved in a data breach.

The size of the data breach shouldn’t determine whether or not you should do a credit freeze. The bottom-line is that a credit freeze remains the single best way to protect yourself after a data breach. That’s because a credit freeze effectively shuts down a criminal’s ability to open new credit in your name, even if they get enough of your personal info in a data breach to do so.

Contrary to popular misconception, you can continue to use your existing credit cards when you have a credit freeze on file with the three main credit bureaus — Equifax, Experian and TransUnion.

The freeze only affects criminals trying to open new lines of credit in your name without your permission by shutting them down cold.

See our step-by-step instructions for getting a credit freeze in place.

A challenging year for restaurants

This year has already proven to be another difficult one for the restaurant industry.

Last month, we learned of a data breach that impacted up to an estimated 37 million Panera customers. Earlier in the year, Jason’s Deli revealed a data breach took place at its restaurants during the 2017 holiday season.

But data breaches aren’t the only problem restaurants seem to be facing. In this difficult retail climate, there’s also the specter of store closures to deal with.

The year 2017 saw the shuttering of thousands of chain restaurants, and that trend has continued. So far this year, we’ve gotten announcements about planned closures of 500 Subway restaurants, 60 to 80 Applebee’s locations and about three dozen IHOPs.

More restaurant stories on

Clark Deals
  • Show Comments Hide Comments