Skip to main content
  1. Home
  2. News

2 million diners hit by malware attack at restaurants across U.S.

By

Diners at restaurants that include Buca di Beppo, Planet Hollywood, and Earl of Sandwich have been hit by a credit card breach involving compromised point-of-sales systems, parent company Earl Enterprises has revealed.

The company confirmed the breach more than a month after high-profile security researcher Brian Krebs contacted Buca di Beppo with information that customer data was being sold by cybercriminals on the dark web. Krebs’ research suggested the breach involved around 2.15 million payment cards used at the Earl Enterprises’ food outlets across the country.

Recommended Videos

According to a statement on its website, Earl Enterprises said it had recently become aware of a breach “potentially affecting payment card information” linked to customers who visited Buca di Beppo, Planet Hollywood, Earl of Sandwich, Chicken Guy!, Mixology, and Tequila Taqueria between May 23, 2018, and March 18, 2019.

Earl Enterprises said it seems that unauthorized individuals installed malicious software on some point-of-sale systems at a number of its restaurants. The malware stayed on the machines for up to 10 months, capturing payment card data that may have included credit and debit card numbers, expiration dates and, in some cases, cardholder names.

The company reassured its customers that the incident has “now been contained,” adding that it’s working on additional security measures to help prevent a similar incident from happening again. Several cybersecurity firms are currently working on the investigation, with federal law enforcement officials also involved.

Customers who believe they may be affected are being advised to carefully review their credit and debit card account statements “as soon as possible” for suspicious charges or activity.

“As a best practice, we urge you to remain vigilant and continue to monitor statements for unusual activity going forward,” the company said. “If you see anything you do not recognize, you should immediately notify the issuer of the credit or debit card.”

It added: “In instances of payment card fraud, it is important to note that cardholders are typically not responsible for any fraudulent activity that is reported in a timely fashion.”

More information — including which specific restaurant locations were targeted in the malware attack — can be found on Earl Enterprises’ statement page.

Cybercriminals who gather the data usually attempt to sell it on, with buyers hoping to use the data to create counterfeit cards for spending sprees before the owner notices and cancels the card.

The latest breach follows a string of high-profile hacks in recent months affecting millions of people and multiple businesses and services.

Editors’ Recommendations

Topics
Trevor Mogg
Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Hackers were caught hiding password-stealing tricks in people’s physical mail
QR Code scam alert.

Just when you thought you heard it all about hackers stealing passwords, something like this comes up. Hackers have been observed using snail mail, sent from a seemingly reputable source and then pushing recipients to download an app, to try and steal sensitive information.

As reported by The Register, victims received a letter from the "Federal Office of Meteorology and Climatology in Switzerland," and inside was a physical piece of paper, pressuring them  to use the QR code to download an app called "Severe Weather Warning App" for Android. However, once they scan the QR code, it takes them to a third-party site instead of the official Google Play Store. Switzerland's National Cyber Security Centre (NCSC) has already warned about the almost identical-looking app that contains the malware Coper, also known as Octo2.

Read more
Nvidia may keep producing one RTX 40 GPU, and it’s not the one we want
The Alienware m16 R2 on a white desk.

The last few weeks brought us a slew of rumors about Nvidia potentially sunsetting most of the RTX 40-series graphics cards. However, a new update reveals that one GPU might remain in production long after other GPUs are no longer being produced. Unfortunately, it's a GPU that would struggle to rank among Nvidia's best graphics cards. I'm talking about the RTX 4050 -- a card that only appears in laptops.

The scoop comes from a leaker on Weibo and was first spotted by Wccftech. The leaker states that the RTX 4050 is "the only 40-series laptop GPU that Nvidia will continue to supply" after the highly anticipated launch of the RTX 50-series. Unsurprisingly, the tipster also reveals that the fact that both the RTX 4050 and the RTX 5050 will be readily available at the same time will also impact the pricing of the next-gen card.

Read more
The Windows 11 24H2 update is causing even more problems
Windows 11 logo on a laptop.

The Windows 11 24H2 update had already been giving users a real headache with problems such as bugs for visual layouts and flaws for certain wallpaper apps. And now, as Microsoft confirms in a support document, some people without administrative privileges can't change the time zone in the Date & Time view, among myriad other issues related to the important Windows 11 update.

A Feedback Hub post also reports a time issue after exiting Sleep Mode, specifically after about one out of every five overnight sleep cycles. There is also a report that the time is not syncing correctly following daylight saving time. Put differently, the update doesn't break the time zone, but only affects the toggle or makes it very difficult to modify it.

Read more