Cyber Incident Victim: Brinker International

In March and April 2018, Brinker International, parent company of Chili’s Grill & Bar, experienced a data security incident affecting payment systems at some of its restaurants. Unauthorized actors deployed malware designed to capture credit and debit card information, including card numbers and cardholder names, from Chili’s point-of-sale systems handling in-restaurant transactions. The breach remained undetected during its active period, with the company publicly disclosing the incident on May 11, 2018. Brinker’s preliminary investigation confirmed the malware specifically targeted payment-related infrastructure but did not compromise other guest data, as Chili’s systems did not collect or store sensitive personal identifiers such as Social Security numbers, full dates of birth, or government-issued identification details. The company acknowledged the incident impacted an undetermined number of customers across unspecified restaurant locations during the two-month window but did not release a list of affected establishments.

Brinker International initiated response measures upon discovering the breach, including engaging forensic experts to investigate the malware’s scope and collaborating with law enforcement agencies. The company issued a public apology to potentially affected customers and committed to providing fraud resolution assistance and credit monitoring services, though implementation timelines and eligibility criteria were not specified in the initial disclosure. Internal efforts focused on securing compromised systems, removing the malicious code, and evaluating the total number of impacted payment cards. Brinker emphasized ongoing cooperation with authorities but did not disclose investigative findings regarding the attackers’ identity or intrusion methodology. No ransomware claims or extortion attempts were referenced in the announcement, and the company maintained operational continuity for its restaurants throughout the response period.