The fast food chain says it found malware designed to access payment card data from cards used on point-of-sale devices. The company first reported the problem last month.
A closer investigation revealed five Valley stores were hit between March 25 and April 18 of this year.
The locations include a location at Nees, one at East Shaw, another at North Palm, and two restaurants on North Cedar and West Shaw.
Chipotle says the malware program searched for track data which sometimes has cardholder name, card number, expiration date, and internal verification code.
But there is no indication other customer information was affected.
The fast food chain says it is working with local law enforcement and with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring.