Skip to main content

2 million diners hit by malware attack at restaurants across U.S.

Diners at restaurants that include Buca di Beppo, Planet Hollywood, and Earl of Sandwich have been hit by a credit card breach involving compromised point-of-sales systems, parent company Earl Enterprises has revealed.

The company confirmed the breach more than a month after high-profile security researcher Brian Krebs contacted Buca di Beppo with information that customer data was being sold by cybercriminals on the dark web. Krebs’ research suggested the breach involved around 2.15 million payment cards used at the Earl Enterprises’ food outlets across the country.

According to a statement on its website, Earl Enterprises said it had recently become aware of a breach “potentially affecting payment card information” linked to customers who visited Buca di Beppo, Planet Hollywood, Earl of Sandwich, Chicken Guy!, Mixology, and Tequila Taqueria between May 23, 2018, and March 18, 2019.

Earl Enterprises said it seems that unauthorized individuals installed malicious software on some point-of-sale systems at a number of its restaurants. The malware stayed on the machines for up to 10 months, capturing payment card data that may have included credit and debit card numbers, expiration dates and, in some cases, cardholder names.

The company reassured its customers that the incident has “now been contained,” adding that it’s working on additional security measures to help prevent a similar incident from happening again. Several cybersecurity firms are currently working on the investigation, with federal law enforcement officials also involved.

Customers who believe they may be affected are being advised to carefully review their credit and debit card account statements “as soon as possible” for suspicious charges or activity.

“As a best practice, we urge you to remain vigilant and continue to monitor statements for unusual activity going forward,” the company said. “If you see anything you do not recognize, you should immediately notify the issuer of the credit or debit card.”

It added: “In instances of payment card fraud, it is important to note that cardholders are typically not responsible for any fraudulent activity that is reported in a timely fashion.”

More information — including which specific restaurant locations were targeted in the malware attack — can be found on Earl Enterprises’ statement page.

Cybercriminals who gather the data usually attempt to sell it on, with buyers hoping to use the data to create counterfeit cards for spending sprees before the owner notices and cancels the card.

The latest breach follows a string of high-profile hacks in recent months affecting millions of people and multiple businesses and services.

Editors' Recommendations