One Month After Online Sale of 2 Million Customer Cards, Buca di Beppo Parent Admits Breach – Krebs on Security




On February 21, 2019, KrebsOnSecurity contacted the Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company's customers were being sold in the cybercrime underground. Today, Buca's parent company announced that it had remediated a 10-month breach of its payment systems at dozens of restaurants, including some locations of its other brands, such as Earl of Sandwich and Planet Hollywood.

On February 20, 2019, some 2.1 million credit and debit card accounts stolen from dozens of Earl Enterprises restaurants went on sale at a popular carding forum.

In a statement posted on its website today, the Orlando, Florida-based hospitality company Earl Enterprises said a data breach involving malware installed on its point-of-sale systems allowed cyber thieves to steal customer card details between May 23, 2018 and March 18, 2019.

Earl Enterprises has not responded to requests for clarification on the total number of customers likely to have been affected by the 10-month breach. The company's statement directs affected customers to an online tool for looking up breached locations by city and state.

According to an analysis of that page, the breach appears to affect virtually all 67 Buca di Beppo locations in the United States; a handful of the 31 Earl of Sandwich locations; and Planet Hollywood locations in Las Vegas, New York and Orlando. Also affected were Tequila Taqueria in Las Vegas; Chicken Guy! in Disney Springs, Florida; and Mixology in Los Angeles.

KrebsOnSecurity contacted the Buca di Beppo management team at the end of February after determining that most of this restaurant's locations were probably involved in a data breach that surfaced on Joker's Stash, an underground store that regularly sells huge new batches of recently stolen credit and debit cards.

Joker's Stash usually organizes different batches of stolen cards around a code name tied to a specific merchant breach. This naming convention allows criminals who have purchased cards from a specific batch, and have successfully used those cards fraudulently, to buy from the same batch again when future stolen cards from the same breached merchant are put on sale.

While the code name of a given batch usually has little relation to the breached merchant, Joker's Stash offers its customers a number of search options that can sometimes be used to trace a large batch of stolen cards back to a given merchant.

This is especially true if the victim merchant has several stores in several small US cities. That is because, while Joker's Stash makes its stolen cards searchable by various qualities (the card-issuing bank or the expiration date, for example), the most useful in this case is the city or ZIP code associated with each card.

Like many other carding sites, Joker's Stash indexes cards by the city and/or ZIP code of the store where the card was stolen (not the ZIP code of the affected cardholder).
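The store-ZIP matching described above can be sketched from the analyst's side. This is an added example, not code from the original article: it ranks candidate merchants by how well their store ZIP codes explain a batch, and the merchant names, store lists and card counts are constructed sample data.

```python
from collections import Counter

def rank_merchants(batch_zips, merchant_stores, min_cards=1):
    """Rank merchants by how well their store ZIP codes explain a card batch.

    batch_zips: store ZIP code recorded for each card in the batch.
    merchant_stores: merchant name -> set of 5-digit store ZIP codes.
    Returns (merchant, card_coverage, store_coverage) tuples, best first.
    """
    # Normalise ZIP+4 and whitespace, then count cards per store ZIP.
    counts = Counter(z.strip()[:5] for z in batch_zips if z and z.strip())
    # Ignore ZIPs with only a few cards: likely noise or mixed-in records.
    counts = {z: n for z, n in counts.items() if n >= min_cards}
    total = sum(counts.values())
    ranked = []
    for name, stores in merchant_stores.items():
        hits = stores & set(counts)
        # Share of the batch's cards that fall in this merchant's store ZIPs.
        card_cov = sum(counts[z] for z in hits) / total if total else 0.0
        # Share of this merchant's stores that show up in the batch.
        store_cov = len(hits) / len(stores) if stores else 0.0
        ranked.append((name, round(card_cov, 3), round(store_cov, 3)))
    # A breached chain explains most cards AND has most of its stores present.
    ranked.sort(key=lambda r: (r[1] * r[2], r[1]), reverse=True)
    return ranked

# Constructed sample batch: card counts per store ZIP, plus a little noise.
SAMPLE_BATCH = (["55337"] * 40 + ["48150"] * 35 + ["84047"] * 30 +
                ["45212"] * 25 + ["60090-1234"] * 20 + ["10001"] * 3)

# Hypothetical merchants with constructed store ZIP lists.
SAMPLE_MERCHANTS = {
    "Chain A": {"55337", "48150", "84047", "45212", "60090"},
    "Chain B": {"10001", "60090", "90210", "33101"},
    "Chain C": {"55337", "02108", "30301", "73301", "97201",
                "19101", "80201", "63101", "70112", "98101"},
}

if __name__ == "__main__":
    for row in rank_merchants(SAMPLE_BATCH, SAMPLE_MERCHANTS):
        print(row)
```

A chain with locations in many small cities stands out because both numbers are high at once: its stores account for nearly every card, and nearly every one of its stores appears in the batch.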

On February 20, Joker's Stash moved a new batch of about 2.15 million stolen cards that it dubbed the "Davinci Breach." in major cities such as Burnsville, Minn.; Livonia, Mich.; Midvale, Utah; Norwood, Ohio; and Wheeling, Ill.

Earl Enterprises said in its statement that malware at the affected stores captured payment card data, which could include credit and debit card numbers, expiration dates and, in some cases, cardholder names. The company said online orders were not affected.

Malicious hackers typically steal card data from organizations by hacking point-of-sale systems remotely and seeding them with malware that can copy the account data stored on a card's magnetic stripe. Thieves can use this data to clone cards and then use the counterfeits to buy high-priced merchandise in electronics stores and supermarkets.

Cardholders are not responsible for fraudulent charges, but your bank will not always detect fraud. That's why it's important to regularly review your monthly statements and promptly report unauthorized charges.



Tags: Buca di Beppo breach, Chicken Guy! breach, Davinci Breach, Earl Enterprises, Earl of Sandwich breach, Joker's Stash, Mixology breach, Planet Hollywood breach, Tequila Taqueria breach

This entry was posted on Friday, March 29th, 2019 at 3:22 pm and is filed under Data breaches.