People in eastern Iowa LOVE their Mexican food, which is why this story is particularly worrisome. Chipotle has announced they've determined that five of their eastern Iowa locations were hit by hackers last month.

The incident was first reported on April 25, but now Chipotle has learned, and released, more information. Malware was used at many Chipotle locations from March 24 to April 18 of this year. According to Chipotle, that malware was "designed to access payment card data from cards used on point-of-sale devices at certain Chipotle restaurants." Chipotle also says the malware "searched for track data (which sometimes has cardholder name in addition to card number, expiration date, and internal verification code) read from the magnetic stripe of a payment card as it was being routed through the POS (point-of-sale) device. There is no indication that other customer information was affected." Chipotle has since removed the malware.

If you ate at any of the affected Chipotle restaurants in eastern Iowa (listed below) during that time period, what should you do? Keep an eye on your credit cards. Don't wait for your statement, either. Check online frequently to make sure that you don't see any unexpected charges. If you do, call your credit card company immediately. If you have questions about the breach at Chipotle, you can call them at 888-738-0534 weekdays from 8 a.m. to 8 p.m., Iowa time.

  • Cedar Rapids at 4444 1st Ave. NE, Suite 538
  • Cedar Rapids at 2360 Edgewood Road SW, Suite 100
  • Iowa City at 201 South Clinton, Suite 300
  • Waterloo at 2825 Crossroads Blvd. Suite A
  • Davenport at 5270 Elmore Ave., Suite 3

[via Chipotle]