A malware infection has impacted around 2 million customers of the Planet Hollywood, Earl of Sandwich, Chicken Guy!, Tequila Taqueria, Mixology, and Buca di Beppo restaurant chains. The announcement about the attack was recently made by Earl Enterprises, which operates all of the above brands.
The breach was detected by Brian Krebs of KrebsonSecurity, who discovered credit cards were being sold on the darknet marketplace, Joker’s Stash. Batches of credit/debit card numbers that are sold on the site are often given a name that can be tied to a specific breach.
While the name of the batches is not usually directly linked to a particular company, it is sometimes possible to determine the company from where the data came, as the zip code of the breached entity is listed. In this case, Krebs was able to determine the likely source of data as many card numbers came from small towns. It was relatively easy to identify a company that had establishments in those locations – the Buca di Beppo restaurant chain.
Buca di Beppo was alerted to the possible breach on February 21, 2019, and on March 29, Earl Enterprises confirmed that a breach had occurred. The batch of credit card details being sold on Joker’s Stash contained 2.15 million card numbers and included card numbers, expiry dates, and in some cases the name of the cardholder.
Customers’ credit and debit card details were recorded and exfiltrated by malware on the point-of-sale system, which had remained undetected for a period of around 10 months from May 2018 to March 2019.
Customers affected by the breach should not have to cover the cost of any fraudulent charges to their accounts, but they will need to check their statements for any purchases that have not been authorized and should contact their card companies to report the fraud.
Earl Enterprises reports that the breach has now been contained and additional security protections are being implemented to prevent future malware infections. The breach is being investigated by several IT firms and law enforcement.