USA: Major data breach hits owner of Planet Hollywood Earl Enterprises, the owner of Planet Hollywood’s Las Vegas, Orlando and New York City locations, has confirmed that a cyber attack resulted in the theft of more than 2 million credit cards. Cybercriminals used point-of-sale (POS) malware to obtain credit card details. The breach, which took place between May 2018 and March 2019, was discovered by Brian Krebs (KrebsOnSecurity), a security journalist and investigative reporter, who found that a batch of around 2.15m stolen cards had been made available for sale on an online store called Joker’s Stash. Joker’s Stash regularly sells huge batches of new stolen credit and debit cards to cybercriminals online. According to Tech Radar, while the names of the companies breached are omitted, since the shop indexes their lists of stolen cards by the city or postcode of the store from which the card was stolen, KrebsOnSecurity was able to determine that Bucca di Beppo’s data was stolen based on its store locations.
Earl Enterprises has officially confirmed that a number of its restaurants were targeted by hackers and has explained the extent of the breach in a statement, saying:
The malicious software was designed to capture payment card data, which could have included credit and debit card numbers, expiration dates and, in some cases, cardholder names. Although the dates of potentially affected transactions vary by location, guests that used their payment cards at potentially affected locations between May 23, 2018 and March 18, 2019 may have been affected by this incident.
Cards used for online orders were not affected by the data breach. However, patrons who visited Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology or Tequila Taqueria during the last ten months are advised to check their bank statements for any suspicious transactions. Sources and credits: TechRadar Data breaches and cyber attacks have become a daily occurance. Read related stories here