Card breach reported at Buca di Beppo, Planet Hollywood, and other restaurants


Earl Enterprises, the hospitality industry giant behind several restaurant brands like Planet Hollywood and Earl of Sandwich, announced today a security breach of its payment card processing systems.

In a press release published late Friday afternoon, the company said hackers planted malware on the point-of-sale systems at some Earl Enterprises’ restaurants.
The malware was active between May 23, 2018, and March 18, 2019, for nearly ten months before the company became aware of the incident.
Impacted restaurants include Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, and Tequila Taqueria.
Earl Enterprises has published an interactive form on its website to help customers determine if they’ve dined at one of the restaurants that had its POS system compromised with malware.

Over 100 restaurants are impacted.
Over 100 restaurants are believed to have been impacted, most being Buca di Beppo and Earl of Sandwich locations.
Other Earl Enterprises restaurants like Bertucci’s, Seaside on the Piper, and Cafe Hollywood were not impacted.
Only users who dined at the restaurants and paid using a card were impacted. Online orders and users who paid with cash were not affected.
Like in previous POS system breaches, the malware collected credit and debit card numbers, expiration dates, and, in some cases, cardholder names, the company said.
Data is up for sale on a hacking forum.

Today’s announcement from Earl Enterprises also solves a big mystery in the world of cyber-security.
In February 2019, ZDNet was contacted by a threat intelligence analyst who noticed a huge “card dump” being put up for sale on a well-known forum for selling stolen payment card details.

The data caught the analyst’s eye because of its huge size and because it advertised information from US users. It was also announced as “new,” a statement many threat intelligence firms interpreted as coming from a yet-to-be-disclosed breach. It was pretty big since hackers were teasing over 2.15 million records.

According to investigative journalist Brian Krebs, that mystery was solved today, who linked the Earl Enterprises card breach to the Joker’s Stash forum ad.
Because this data has been on sale for more than a month on a trendy carding forum, users who believe to be affected are advised to read the Earl Enterprises security notice, review credit and debit card account statements and credit reports for suspicious transactions, and set security freezes and fraud alerts for their accounts.