Cyber attack sees 2.15 million card details stolen from Planet Hollywood parent company

Millions of cards were sold on the black market over the course of a 10-month period

binary on a screen with words 'hacking attack'

Around 2.15 million credit and debit cards were sold on the black market after hackers used malicious software on point-of-sale systems in some Earl Enterprises restaurants between May 2018 and March 2019.

"The incident has now been contained, and the company continues to work diligently with security experts on further remediation efforts," the company said in a statement. "As part of the investigation, we have been in contact with federal law enforcement officials and are cooperating with them."

"Based on the investigation, it appears that unauthorized individuals installed malicious software on some point-of-sale systems at a certain number of Earl Enterprises' restaurants." 

How the malware got into the point-of-sales systems in the first place remains unknown and is likely an area the investigation by Earl Enterprises will scrutinise. 

Earl Enterprises is the parent company of Planet Hollywood, which may have been affected by the breach in three cities (New York, Las Vegas and Orlando). Other potentially affected brands include Buca di Beppo, Earl of Sandwich, Mixology, Chicken Guy! and Tequila Taqueria. Buca di Beppo was hit particularly hard.

KrebsOnSecurity, contacted Buca di Beppo after determining that many of the restaurant's locations were involved in a data breach. It traced a large batch of stolen cards that appeared on Joker's Stash, a site that sells stolen bank cards, back to the company. 

An analysis of the batch, nicknamed the "DaVinci Breach", revealed that the zip codes and cities from which the cards were stolen matched up with locations of Earl Enterprises restaurants. KrebsOnSecurity contacted Buca di Beppo in February about the suspected hack, and the company announced it recognised the 10-month breach on 29 March. 

The dates in which each restaurant was breached vary. No locations outside of the United States were involved.

The malware collected card numbers, expiration dates and possibly even cardholder names. However, online orders placed through a third-party platform were not affected by the hack.

The company encouraged customers to review their bank statements and notify their bank in the case of suspicious activity. It has also released a list of potentially affected restaurants so customers can determine if their information could be at risk.

Featured Resources

Modern governance: The how-to guide

Equipping organisations with the right tools for business resilience

Free Download

Cloud operational excellence

Everything you need to know about optimising your cloud operations

Watch now

A buyer’s guide to board management software

How the right software can improve your board’s performance

The real world business value of Oracle autonomous data warehouse

Lead with a 417% five-year ROI

Download now

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
61% of organizations say improving security a top priority for 2021
cyber security

61% of organizations say improving security a top priority for 2021

29 Jun 2021
ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022
How to speed up Windows 11
Microsoft Windows

How to speed up Windows 11

7 Jan 2022