Unauthorised access to payment systems


In April 2017, the company posted a “Notice of Data Security Incident” on its website to let customers know about unauthorized activity it had detected on the network that supports payment processes.

The investigation was ongoing when the notice was published and the company did not provide any additional information just stating that they believed they had stopped the unauthorized activity.

Free consultation

Want to discuss this case? We're offering a FREE 20 minute phone consultation with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:


  • Chipotle Mexican Grill, Inc.

We've done the analysis so you can make the decisions

When purchasing a minimum of 5 Case Studies
$699.99 if buying less than 5.

  • Detailed cause & effect analysis
  • Lessons learnt catalogued
  • Preventive controls extracted
Add to Cart
Heads up! Want to try before you buy? You can download our FREE demo case study here