Diana Kruzman

USA TODAY

Chipotle Mexican Grill said Friday that it has identified the malware that was used to breach customer data and steal credit card information earlier this year.

In an update, the restaurant chain said that it had completed an investigation into the hack and found that the malware targeted credit card readers at "most" of its locations. Customers who swiped their cards at Chipotle between March 24 and April 18 could have had their name, card number, expiration date and verification code stolen. Chipotle spokesman Chris Arnold said that the company "lacks sufficient information" to determine the exact number of customers affected.

“During the investigation we removed the malware, and we continue to work with cyber security firms to evaluate ways to enhance our security measures,” the statement said.

Chipotle disclosed that its payment processing system had been breached at an investor meeting on April 25, and assured shareholders that it was working with investigators to find out how many restaurants were affected.

On its website, the company encouraged customers to stay vigilant about credit card fraud and said that customers who had their accounts breached or who racked up unauthorized charges on their credit cards could usually get their money back by talking to their bank.

Chipotle also provided an online tool to verify whether a particular location was affected, so that people who visited that location can check their bank account and credit card statements to see whether any fraudulent activity had taken place.

Pizzeria Locale, another restaurant chain owned by Chipotle, was also affected and released a statement on its website as well. Pizzeria Locale has locations in Kansas, Colorado, Missouri and Ohio.

At the time of the breach, Chipotle was recovering from a food safety crisis that caused its stock to plummet after it broke out in the fall of 2015. Norovirus and E. coli outbreaks at Chipotle restaurants around the country continued through 2016 as the company struggled to contain the damage, but its shares began to rise again after hitting a low point in December.