Italian restaurant company Earl Enterprises recently revealed that it suffered a data security incident that affected payment card information of the customers that dined at its restaurants including Buca di Beppo, Planet Hollywood, Earl of Sandwich, Planet Hollywood, Chicken Guy, Mixology, and Tequila Taqueria. It’s believed that cybercriminals have hacked the restaurant’s point-of-sale systems and compromised credit card information of around 2 million customers who dined at its food outlets across the United States.
In an official statement, Earl Enterprises said that unknown individuals installed malicious software on some of its point-of-sale systems at a number of its restaurants. The malware captured the payment card data for up to 10 months (between May 23, 2018 and March 18, 2019) that included credit and debit card numbers, cardholder names, and expiration dates.
The restaurant chain confirmed the incident after security researcher Brian Krebs alerted the company about the discovery he made on an underground hacking forum a month ago. On February 21, 2019, Krebs contacted the Buca di Beppo after discovering that two million credit and debit card numbers belonging to the company’s customers were kept for sale in the dark web forums, according to krebsonsecurity.
“Once we learned of a potential incident, we promptly launched an internal investigation and engaged two leading cybersecurity firms. As part of the investigation, we have been in contact with federal law enforcement officials and are cooperating with them. Based on the investigation, it appears that unauthorized individuals installed malicious software on some point-of-sale systems at a certain number of Earl Enterprises’ restaurants,” the company said in a statement.
Earl Enterprises stated that it’s working on additional security measures to help prevent a similar incident from happening in the future and suggested the customers check their payment details for any unauthorized transactions.