Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Buca di Beppo, Planet Hollywood and other restaurants owned by Earl Enterprises hit by card breach

Last week, Earl Enterprises admitted having suffered a payment card data breach from tens of its restaurants over a period of 10 months. Earl Enterprises admitted that hackers have stolen payment card data from tens of its restaurants over a period of 10 months. Restaurants at Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken […]

Slim CD

Last week, Earl Enterprises admitted having suffered a payment card data breach from tens of its restaurants over a period of 10 months.

Earl Enterprises admitted that hackers have stolen payment card data from tens of its restaurants over a period of 10 months.

Restaurants at Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology and Tequila Taqueria owned by Earl Enterprises were impacted by the security breach. An investigation confirmed that almost all the Buca di Beppo locations across the United States have been affected by the breach. The incident also impacted many other locations belonging to the other brands of the Earl Enterprises holding.

Crooks used a PoS malware to syphon payment card data from point-of-sale (PoS) systems at the affected locations. The malicious code was designed to capture card numbers, expiration dates and cardholder names.

Customers that made payment at the impacted locations between May 23, 2018 and March 18, 2019, may be affected. Earl Enterprises published a notice of breach that allows users to discover potentially affected restaurants.

“Earl Enterprises recently became aware of a data security incident potentially affecting payment card information of a limited number of guests that dined at certain of Earl Enterprises’ restaurants. Potentially affected restaurants include the following brands: Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology and Tequila Taqueria.” reads the data breach notification. “We are providing this notice to our guests to inform them of the incident and steps they can take to help protect themselves. The security and privacy of our guests’ payment card data is a top priority, and Earl Enterprises deeply regrets that this incident occurred.”

According to the data breach notification, Planet Hollywood hotels or stores Bertucci’s, neither were Seaside on the Pier and Café Hollywood brands were not affected.

“This incident may affect payment card information of a limited number of guests that dined at certain of Earl Enterprises’ restaurants. Payment card information could have included credit and debit card numbers, expiration dates and, in some cases, cardholder names.” continues the notice.

The company confirmed that locations outside of the United States were not affected.

Unfortunately, the stolen data may be already available on the cyber crime underground. The popular investigator Brian Krebs reported that, on February 20, the black marketplace Joker’s Stash had offered for sale roughly 2.15 million stolen cards that appeared to have been stolen from Earl Enterprises restaurants.

Krebs reported its discovery to Earl Enterprises that quickly launched an investigation with the support of two cybersecurity firms and feds.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Earl Enterprises, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]