Cyber attack sees 2.15 million card details stolen from Planet Hollywood parent company

Millions of cards were sold on the black market over the course of a 10-month period

binary on a screen with words 'hacking attack'

Around 2.15 million credit and debit cards were sold on the black market after hackers used malicious software on point-of-sale systems in some Earl Enterprises restaurants between May 2018 and March 2019.

"The incident has now been contained, and the company continues to work diligently with security experts on further remediation efforts," the company said in a statement. "As part of the investigation, we have been in contact with federal law enforcement officials and are cooperating with them."

Advertisement - Article continues below

"Based on the investigation, it appears that unauthorized individuals installed malicious software on some point-of-sale systems at a certain number of Earl Enterprises' restaurants." 

How the malware got into the point-of-sales systems in the first place remains unknown and is likely an area the investigation by Earl Enterprises will scrutinise. 

Earl Enterprises is the parent company of Planet Hollywood, which may have been affected by the breach in three cities (New York, Las Vegas and Orlando). Other potentially affected brands include Buca di Beppo, Earl of Sandwich, Mixology, Chicken Guy! and Tequila Taqueria. Buca di Beppo was hit particularly hard.

KrebsOnSecurity, contacted Buca di Beppo after determining that many of the restaurant's locations were involved in a data breach. It traced a large batch of stolen cards that appeared on Joker's Stash, a site that sells stolen bank cards, back to the company. 

Advertisement
Advertisement - Article continues below

An analysis of the batch, nicknamed the "DaVinci Breach", revealed that the zip codes and cities from which the cards were stolen matched up with locations of Earl Enterprises restaurants. KrebsOnSecurity contacted Buca di Beppo in February about the suspected hack, and the company announced it recognised the 10-month breach on 29 March. 

Advertisement - Article continues below

The dates in which each restaurant was breached vary. No locations outside of the United States were involved.

The malware collected card numbers, expiration dates and possibly even cardholder names. However, online orders placed through a third-party platform were not affected by the hack.

The company encouraged customers to review their bank statements and notify their bank in the case of suspicious activity. It has also released a list of potentially affected restaurants so customers can determine if their information could be at risk.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Most Popular

Visit/business-strategy/careers-training/356422/ibm-job-ad-calls-for-12-year-experience-with-6-year-old
Careers & training

IBM job ad calls for 12-years of experience with six-year-old Kubernetes

13 Jul 2020
Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/security/cyber-attacks/356417/trump-confirms-cyber-attacks-on-russia-election-trolls
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020