Cyber attack sees 2.15 million card details stolen from Planet Hollywood parent company

Millions of cards were sold on the black market over the course of a 10-month period

binary on a screen with words 'hacking attack'

Around 2.15 million credit and debit cards were sold on the black market after hackers used malicious software on point-of-sale systems in some Earl Enterprises restaurants between May 2018 and March 2019.

"The incident has now been contained, and the company continues to work diligently with security experts on further remediation efforts," the company said in a statement. "As part of the investigation, we have been in contact with federal law enforcement officials and are cooperating with them."

Advertisement - Article continues below

"Based on the investigation, it appears that unauthorized individuals installed malicious software on some point-of-sale systems at a certain number of Earl Enterprises' restaurants." 

How the malware got into the point-of-sales systems in the first place remains unknown and is likely an area the investigation by Earl Enterprises will scrutinise. 

Earl Enterprises is the parent company of Planet Hollywood, which may have been affected by the breach in three cities (New York, Las Vegas and Orlando). Other potentially affected brands include Buca di Beppo, Earl of Sandwich, Mixology, Chicken Guy! and Tequila Taqueria. Buca di Beppo was hit particularly hard.

KrebsOnSecurity, contacted Buca di Beppo after determining that many of the restaurant's locations were involved in a data breach. It traced a large batch of stolen cards that appeared on Joker's Stash, a site that sells stolen bank cards, back to the company. 

Advertisement - Article continues below

An analysis of the batch, nicknamed the "DaVinci Breach", revealed that the zip codes and cities from which the cards were stolen matched up with locations of Earl Enterprises restaurants. KrebsOnSecurity contacted Buca di Beppo in February about the suspected hack, and the company announced it recognised the 10-month breach on 29 March. 

Advertisement - Article continues below

The dates in which each restaurant was breached vary. No locations outside of the United States were involved.

The malware collected card numbers, expiration dates and possibly even cardholder names. However, online orders placed through a third-party platform were not affected by the hack.

The company encouraged customers to review their bank statements and notify their bank in the case of suspicious activity. It has also released a list of potentially affected restaurants so customers can determine if their information could be at risk.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now

Most Popular

Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020

A critical flaw in 350,000 Microsoft Exchange remains unpatched

7 Apr 2020
cyber security

Microsoft gobbles up domain to keep it from hackers

8 Apr 2020