Attack on restaurant in the USA UU exposes data from millions of cards

Attack on restaurant in the USA UU exposes data from millions of cards

Cybercriminals installed malware in Earl Enterprises' point-of-sale systems. 

  The US chain of restaurants Earl Enterprise, owner of such popular national establishments as Buca di Beppo, Earl of Sandwich and Planet Hollywood, confirmed that the credit card data of two million people were sold on the internet after the The company suffered a security breach.

According to KrebsOnSecurity, cybercriminals installed malware in point of sale systems to steal the data.



According to the report, on February 20, 2019 the information was published in a popular forum for the sale of credit cards. The ruling was presented in the payment systems of dozens of restaurants for 10 months, between May 23, 2018 and March 18, 2019, according to the firm.

Earl Enterprises did not specify how many customers in total could have been affected by the theft but set up a website to verify restaurants filtered by locations:  http://www.earlenterprise.com/incident/

The company said that once they learned of the incident, "they quickly started an internal investigation and hired two of the main cybersecurity companies " to take the necessary measures.

The malicious software was designed to capture card data, which could have included credit and debit card numbers, due dates and, in some cases, cardholder names.

The company noted that the incident has been solved and that monitoring is continuing in the systems to prevent similar incidents from happening again in the future.

Earl Enterprises recommended customersCarefully review the credit and debit card statements as soon as possible to detect suspicious charges or activities you do not recognize.

"We invite you to stay alert and continue to monitor for unusual activities in the future. If you see something that you do not recognize, you must immediately notify the issuer of the credit or debit card, "the company said.

Online orders paid through third-party applications or platforms were not affected by this incident nor were facilities outside the United States