Earl Enterprises, owners of Buca di Beppo and Planet Hollywood restaurant chains, reported a 10-month long data hack may have exposed customer payment card information. Other restaurants owned by the company include, Bertucci’s, Chicken Guy, Seaside on the Pier, Cafe Hollywood, Mixology, Tequila Taqueria and Earl of Sandwich.
According to Earl Enterprises, the breach affects customers who visited various locations of Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy, Mixology or Tequila Taqueria restaurants between May 23, 2018, and March 18, 2019. Online orders using third party services are not affected.
Malicious software, installed on its point-of-sale (POS) machines captured card numbers, expiration dates and, in some cases, cardholder names.
Although the number of customers affected has not been released by the company Krebs on Security reported as many as 2 million credit and debit cards numbers used at Earl Enterprises restaurants were being sold on the dark web.
Krebs also reported that it appears the breach hit nearly all 67 Buca di Beppo locations in the U.S. but only a handful of the 31 other restaurant location located in New York city, Las Vegas, Orlando and Disney Springs, FL and Los Angeles.
According to Al Pascual, head of fraud and security at Javelin Strategy and Research, there is a bit of good news. According to Pascual it’s tougher for criminals to use the card data because of the widespread use of chip cards. However, there is still the possibility of some customers falling victim to card not present fraud that is often done to make online purchases.
If you visited any of the restaurant chains you can use the company’s online tool to determine if the specific location you visited was compromised. Should you discover your location was compromised set up alerts on your card. Also carefully monitor your credit and debit statements for unusual charges you did not make. Notify your bank or credit card issuer if you find suspicious activity and request a new card and account number.
If you used a debit card makes sure you report any suspicious activity immediately to limit your liability.
