Fired Chick-fil-A Worker Returns to Ring Up $80K in Fake Mac and Cheese Refunds
Finn's Take· TL;DR- Fired Chick-fil-A worker allegedly created 800 fake mac and cheese orders, issuing $80K in refunds to personal credit cards before arrest.
- Jones accessed register system after termination, exploiting security gaps; now faces felony charges including theft, money laundering, and evading arrest.
- Case highlights industry-wide vulnerability where restaurants fail to immediately revoke system access for terminated employees, enabling register manipulation schemes.
The Elaborate Return
Getting fired usually means collecting your belongings and moving on. For 23-year-old Keyshun Jones, it meant returning to his former Chick-fil-A workplace in Grapevine, Texas, to allegedly orchestrate an $80,000 fraud scheme . Police say surveillance footage shows Jones behind the counter without authorization, where he used the restaurant's register to ring up roughly 800 orders of macaroni and cheese trays before refunding them to his personal credit cards .
The investigation began in November 2025 after the restaurant owner reported suspicious refund activity . Detectives reviewing surveillance footage identified Jones as the suspect, despite him being terminated about a month earlier . The brazen nature of the scheme raises questions about restaurant security protocols and how terminated employees might retain access to point-of-sale systems.
How the Scheme Worked
Jones allegedly created roughly 800 fraudulent orders for macaroni and cheese trays at the register, then immediately issued refunds to his personal credit cards . The alleged theft totaled just over $80,000 , suggesting each fake transaction averaged around $100 – consistent with catering-sized portions that Chick-fil-A offers for large groups.
Authorities have not disclosed how Jones was able to access the register system after his termination . This type of scheme involving fake orders and fraudulent refunds represents a common form of employee theft in the restaurant industry, where workers with register access can manipulate point-of-sale systems . The case highlights vulnerabilities that exist when security protocols aren't immediately updated after employee departures.
The Hunt and Arrest
A warrant was issued for Jones' arrest on April 6 , but he evaded authorities multiple times before being taken into custody on April 17, with assistance from the Texas Attorney General's Fugitive Task Force and the Fort Worth Police Department . Jones now faces multiple felony charges, including property theft, money laundering, and evading arrest .
If convicted, he could face up to 10 years in state prison under Texas law . The money laundering charge typically applies when proceeds from alleged illegal activity are processed through financial transactions, while the evading arrest charge indicates authorities believe he attempted to avoid being taken into custody .
A Growing Problem
Fast-food chains have seen a range of such incidents in recent years, including a McDonald's employee in Texas who was arrested in January 2026 for allegedly double-charging drive-thru customers . Other cases include a pizza restaurant manager convicted of embezzling $130,000 from a customer loyalty program in 2023, and employees at Burger King and Wendy's locations arrested in separate credit card theft cases .
These incidents underscore the importance of robust security measures in retail environments, particularly regarding register access and refund protocols. As payment systems become increasingly digital, restaurants must balance operational efficiency with fraud prevention, ensuring that terminated employees cannot exploit system vulnerabilities for personal gain.