Card breach reported at Buca di Beppo, Planet Hollywood, and other restaurants

Impacted restaurants include Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, and Tequila Taqueria.
Written by Catalin Cimpanu, Contributor
Planet Hollywood

Earl Enterprises, the hospitality industry giant behind several restaurant brands like Planet Hollywood and Earl of Sandwich, announced today a security breach of its payment card processing systems.

In a press release published late Friday afternoon, the company said that hackers planted malware on the point-of-sale systems at some Earl Enterprises' restaurants.

The malware was active between May 23, 2018, and March 18, 2019, for a period of nearly ten months before the company became aware of the incident.

Impacted restaurants include Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, and Tequila Taqueria.

Earl Enterprises has published an interactive form on its website to help customers determine if they've dined at one of the restaurants that had its POS system compromised with malware.

Over 100 restaurants are impacted

Over 100 restaurants are believed to have been impacted, most being Buca di Beppo and Earl of Sandwich locations.

Other Earl Enterprises restaurants like Bertucci's, Seaside on the Piper, and Cafe Hollywood were not impacted at all.

Only users who dined at the restaurants and paid using a card were impacted. Online orders and users who paid with cash were not affected.

Just like in the case of previous POS system breaches, the malware collected credit and debit card numbers, expiration dates and, in some cases, cardholder names, the company said.

Data is up for sale on a hacking forum

Today's announcement from Earl Enterprises also solves a big mystery in the world of cyber-security.

In February 2019, ZDNet was contacted by a threat intelligence analyst who noticed a huge "card dump" being put up for sale on a well-known forum for selling stolen payment card details.

US February 2019
Image: ZDNet

The data caught the analyst's eye because of its huge size and because it advertised information from US users. It was also advertised as "new," a statement that many threat intelligence firms interpreted as coming from a yet-to-be-disclosed breach, and a pretty big one since hackers were teasing over 2.15 million records.

That mystery was solved today, according to investigative journalist Brian Krebs, who linked the Earl Enterprises card breach to the ad on the Joker's Stash forum.

Because this data has been on sale for more than a month on a very popular carding forum, users who believe to be affected are advised to read the Earl Enterprises security notice, review credit and debit card account statements and credit reports for suspicious transactions, and set security freezes and fraud alerts for their accounts.

These are the worst hacks, cyberattacks, and data breaches of 2018

More data breach coverage:

Editorial standards