More than 2 million card details went up for sale online in February, following a hack that began in May of last year
A major US restaurant firm has acknowledged a security breach after reports indicated more than 2 million payment cards had been stolen from the company’s customers and sold online.
But Earl Enterprises, which owns the Planet Hollywood restaurant chain, along with others including Earl of Sandwich, Bertucci’s and Buca di Beppo, faced questions after it emerged that the company took about one month to control the breach, after being alerted to it in February of this year.
The hack also lasted an unusually long time, roughly 10 months, beginning in May of last year and continuing until 18 March, 2019.
Earl said hackers had installed malcious code on point-of-sale systems that allowed them to copy card details, and provided a tool allowing users to look up the locations of affected outlets.
Payment cards sold online
Online orders and those paid for via third-party platforms weren’t affected, Earl said.
The breach came to light after a trove of some 2.1 million credit and debit-card details went up for sale on a popular hacker forum in February, 2019.
Brian Krebs, a well-known computer security journalist, said he used postcode data to trace many of the stolen cards to outlets of Buca di Beppo that were located in small US towns, and informed the chain’s management.
Earl Enterprises’ tool indicates that nearly all 67 US Buca di Beppo locations were affected, along with a handful of Earl of Sandwich outlets, and Planet Hollywood restaurants in Las Vegas, New York City and Orlando.
Tequila Taqueria in Las Vegas, Chicken Guy in Disney Springs, Florida and Mixology in Los Angeles were also affected.
“Once we learned of a potential incident, we promptly launched an internal investigation and engaged two leading cybersecurity firms,” Earl Enterprises said in an advisor. “As part of the investigation, we have been in contact with federal law enforcement officials and are cooperating with them.
“Based on the investigation, it appears that unauthorised individuals installed malicious software on some point-of-sale systems at a certain number of Earl Enterprises’ restaurants.”
Such hacks are typically caused by a remote breach of a payment system, which can allow attackers to seed large numbers of terminals with card-copying malware, security experts say.
“it is often possible to infect the entire network of terminals, as was the case in Sak’s Fifth Avenue last year; 5 million credit and debit card numbers were stolen from their systems, a breach originating from a phishing email,” said Positive Technologies cyber-security resilience lead Leigh-Anne Galloway.
She noted that while customers aren’t responsible for fraudulent purchases, banks don’t always spot fraud.
Consumers can protect themselves by keeping an eye on their accounts and setting transaction limits, she said.