Credit card breach at Planet Hollywood’s parent company

Earl Enterprises, the restaurant giant that owns Planet Hollywood and Buca di Beppo, has disclosed a data breach affecting its payment card systems.

In a press release published last week, the organisation confirmed that more than 100 of its US restaurants were compromised between 23 May 2018 and 18 March 2019, after criminal hackers planted malware on its POS (point-of-sale) systems.

The malicious software captured payment card data, which may have included card numbers, expiration dates and cardholder names.

Earl Enterprises didn’t confirm how many customers were affected, but security researcher Brian Krebs, who discovered the breach, estimates that 2.15 million card details were stolen.

Who is affected?

Earl Enterprises has released a list of potentially affected locations:

  • Almost all of 67 Buca di Beppo locations.
  • Several of the 31 Earl of Sandwich locations.
  • Planet Hollywood’s locations in Las Vegas, New York City and Orlando.
  • Tequila Taqueria in Las Vegas.
  • Chicken Guy! in Disney Springs, FL.
  • Mixology in Los Angeles.

None of Earl Enterprises’s UK restaurants are believed to be affected, nor are online orders.

What to do if you think you’re affected

Earl Enterprises recommends that potentially affected customers examine their bank statements for suspicious activity and notify their card issuer if they find fraudulent activity.

Unfortunately, because the disclosure has come almost ten months after the breach occurred, it could prove difficult to identify suspicious activity and to redeem the transaction.

This will leave a sour taste in the mouths of customers, who have every right to ask why they are only being notified now. Restaurants are among the most frequently targeted by POS malware attacks, because of the heavy volume of card transactions they handle.

The problem is exacerbated in the US, where few organisations have upgraded to chip and PIN, which helps prevent payment card fraud.

Earl Enterprises says the incident has now been “contained”, adding that it’s “continuing to work diligently with security experts on further remediation efforts.

“Moving forward, the company will continue to closely monitor its systems and take additional security measures to help prevent something like this from happening again in the future.”

Subscribe to our Weekly Roundup for all the latest cyber security news and advice >>