Breach, Data Security

Chipotle data breach leads to illegal ATM withdrawal

In another case of a cybercrime pushing its way into the physical world, the Gainsville, Fla. police department are searching for a man spotted allegedly stealing $17,000 from an ATM by using login credentials taken during the Chipotle data breach earlier this year.

Gainsville police said they are searching for a man whose image was captured on June 30 at the Campus USA Credit Union in Gainsville where he allegedly used the login credentials from more than 40 people whose data was taken during the Chipotle Data breach in May. The data was used to clone fake credit cards which were then used with the PINs to withdraw the money from the ATM.

The police believe the suspect may have bought the login information on the Dark Web, although they doubt the person captured by the ATM camera was involved in the hack, according to the Ocala Star Banner.

“I would seriously doubt that someone with the knowledge of a malware attack such as Chipotle's would be silly enough to get his face on an ATM camera,” Gainsville spokesman Officer Ben Tobias added in an email response to questions about the case.

Five Chipotle restaurants hit by the POS breach are located in the Gainsville region.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.