Buca di Beppo suffers payment systems breach

Monday 1 April 2019 10:46 CET | News

Buca di Beppo, an Italian restaurant chain, has suffered a 10-month breach of its payment systems at dozens of restaurants in the US.

As a result, two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground on Feb. 20, 2019, according to Brian Krebs.

In a statement posted to its website, the US-based hospitality company Earl Enterprises said a data breach involving malware installed on its point-of-sale systems allowed cyber thieves to steal card details from customers between May 23, 2018 and March 18, 2019.

The malicious software installed at affected stores captured payment card data, which could have included credit and debit card numbers, expiration dates and, in some cases, cardholder names. The company says online orders were not affected.

The breach impacts virtually all 67 Buca di Beppo locations in the US; a handful out of the total 31 Earl of Sandwich locations; and Planet Hollywood locations in Las Vegas, New York City and Orlando. Also impacted were Tequila Taqueria in Las Vegas; Chicken Guy! in Disney Springs, Fla.; and Mixology in Los Angeles.

Earl Enterprises did not respond to requests for specifics about how many customers total may have been impacted by the 10-month breach, the online security researcher continues. The company’s statement directs concerned customers to an online tool that allows one to look up breached locations by city and state.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: Buca di Beppo, data breach, POS, malware, hospitality chain, US, payment data, credit card, payment security breach, fraud prevention
Countries: World

Industry Events