Skip to main content

2 million diners hit by malware attack at restaurants across U.S.

Diners at restaurants that include Buca di Beppo, Planet Hollywood, and Earl of Sandwich have been hit by a credit card breach involving compromised point-of-sales systems, parent company Earl Enterprises has revealed.

The company confirmed the breach more than a month after high-profile security researcher Brian Krebs contacted Buca di Beppo with information that customer data was being sold by cybercriminals on the dark web. Krebs’ research suggested the breach involved around 2.15 million payment cards used at the Earl Enterprises’ food outlets across the country.

According to a statement on its website, Earl Enterprises said it had recently become aware of a breach “potentially affecting payment card information” linked to customers who visited Buca di Beppo, Planet Hollywood, Earl of Sandwich, Chicken Guy!, Mixology, and Tequila Taqueria between May 23, 2018, and March 18, 2019.

Earl Enterprises said it seems that unauthorized individuals installed malicious software on some point-of-sale systems at a number of its restaurants. The malware stayed on the machines for up to 10 months, capturing payment card data that may have included credit and debit card numbers, expiration dates and, in some cases, cardholder names.

The company reassured its customers that the incident has “now been contained,” adding that it’s working on additional security measures to help prevent a similar incident from happening again. Several cybersecurity firms are currently working on the investigation, with federal law enforcement officials also involved.

Customers who believe they may be affected are being advised to carefully review their credit and debit card account statements “as soon as possible” for suspicious charges or activity.

“As a best practice, we urge you to remain vigilant and continue to monitor statements for unusual activity going forward,” the company said. “If you see anything you do not recognize, you should immediately notify the issuer of the credit or debit card.”

It added: “In instances of payment card fraud, it is important to note that cardholders are typically not responsible for any fraudulent activity that is reported in a timely fashion.”

More information — including which specific restaurant locations were targeted in the malware attack — can be found on Earl Enterprises’ statement page.

Cybercriminals who gather the data usually attempt to sell it on, with buyers hoping to use the data to create counterfeit cards for spending sprees before the owner notices and cancels the card.

The latest breach follows a string of high-profile hacks in recent months affecting millions of people and multiple businesses and services.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
We finally know the price of Asus’ most powerful gaming NUC
The Asus ROG NUC on a desk surrounded by three monitors.

The first Asus ROG NUC (Next Unit of Computing) model is just around the corner. The small form factor PC is now up for pre-order at a German retailer, and although it's powerful enough to rival some of the best laptops, it costs more than many comparable models -- and you'll still have to pay extra for a monitor.

Asus' first take on Intel's portable PC contains a lot of compute power in a small chassis. Although there are a few configurations of the PC, the one that was spotted up for sale ahead of time comes with Intel's latest Meteor Lake-H CPU, the Core Ultra 9 185H, which sports 16 cores and 22 threads and can be boosted to run at up to 5.1GHz, all with a thermal design power (TDP) of 45 watts. However, Asus allows overclocking, meaning that the CPU can run at up to 65 watts instead.

Read more
YouTube tells creators to start labeling ‘realistic’ AI content
YouTube on Roku.

YouTube is taking steps to try to help viewers better understand if what they’re watching has been created, whether completely or in part, by generative AI.

“Generative AI is transforming the ways creators express themselves -- from storyboarding ideas to experimenting with tools that enhance the creative process,” YouTube said in a message shared on Monday. “But viewers increasingly want more transparency about whether the content they’re seeing is altered or synthetic.”

Read more
AMD is making the CPU more and more obsolete in gaming
A demo of AMD GPU work graphs featuring in-game scenery including a castle and a town.

At GDC 2024, AMD just expanded on Microsoft's recently announced Work Graphs API, and a quick demo shows just how powerful the new tech can be for gaming performance. AMD's iteration moves draw calls and mesh nodes from the CPU to the GPU, cutting back on the time it takes to execute these tasks. As a result, AMD found that there was a massive performance improvement -- rendering time saw a 64% boost -- when using Work Graphs with mesh shaders.

Microsoft introduced Work Graphs as a way to streamline processes both in gaming and in productivity, all by giving the GPU the power to schedule and execute tasks without first communicating with the CPU. It's built into the Direct3D 12 API and it can reduce bottlenecks and improve gaming performance in 3D games.

Read more