clock menu more-arrow no yes mobile

Filed under:

'Wichcraft Discloses Months-Long Credit Card Hack

Photo:
Hillary Dixler Canavan is Eater's restaurant editor and the author of the publication's debut book, Eater: 100 Essential Restaurant Recipes From the Authority on Where to Eat and Why It Matters (Abrams, September 2023). Her work focuses on dining trends and the people changing the industry — and scouting the next hot restaurant you need to try on Eater's annual Best New Restaurant list.

Bad news for anyone who used a credit card to buy a sandwich from chef Tom Colicchio's chain 'Wichcraft: According to a letter yesterday from the company president (PDF), their payment systems at New York City and San Francisco locations were hacked in August and remained compromised until early October. In total 16 locations were impacted, the 15 in New York and 'Wichcraft's only San Francisco location.

Apparently "the information accessed by the unauthorized party may have included names, payment card numbers, security codes and expiration dates," so it's a pretty big deal. 'Wichcraft advises everyone to check their credit scores and to "remain vigilant" about checking their account statements. The letter also assures customers that 'Wichcraft "quickly took steps to secure the system." The letter does not address why the company waited until the end of December to announce that credit card security was compromised in the late Summer and early Fall, other that they "recently learned" of it. Still, they are "very sorry that this happened." And they're not alone. Restaurants have long been an easy mark for hackers. Below, the letter:

Notice to Our Customers

December 30, 2013

'wichcraft Operating, LLC recently learned that an unauthorized party gained access to our systems, compromising the payment card information of certain customers who made purchases at a 'wichcraft location in New York or San Francisco using a payment card from approximately August 11, 2013 to October 2, 2013. Based on our investigation, the information accessed by the unauthorized party may have included names, payment card numbers, security codes and expiration dates. Not all of these data elements were accessed for each affected customer.

After learning of this incident, we quickly took steps to secure the system to help prevent this type of issue from reoccurring. We are working with law enforcement authorities in their investigation of the incident and also working closely with the relevant payment card brands to share information about the incident.

We take our obligation to safeguard your personal information very seriously. We are alerting affected customers about this incident so they can take steps to help protect their information. You are entitled under U.S. law to one free credit report annually from each of the three national credit bureaus. To order your free credit report, visit http://www.annualcreditreport.com or call toll-free at 1-877-322-8228. We encourage you to remain vigilant by reviewing your account statements and monitoring your free credit reports. If you believe your payment card may have been affected, we recommend that you immediately contact your bank or card issuer.

If you have any questions or would like additional information regarding this incident, please call us toll-free at (866) 942-4272, ext. 6, Monday through Friday from 8:00 a.m. to 8:00 p.m. EST.

At 'wichcraft, we truly value our customers. As part of our commitment to our customers, we are taking steps to help prevent this type of incident from occurring in the future. We are very sorry that this happened.

Sincerely,

Jeffrey Zurofsky
President

· Notice to Our Customers [Official via Consumerist]
· All 'Wichcraft Coverage on Eater [-E-]