Data Breach involving Earl Enterpises

10-month breach leads to 2M cards on cybercrime site

Two million credit and debit card numbers were being sold online following a data breach affecting Earl Enterprises, the parent company of Italian restaurant chain Buca di Beppo and other brands such as Earl of Sandwich and Planet Hollywood. While it appears that none of the locations of the breach were in our area, we still encourage members that live outside of our area, have been traveling, or are just concerned, use the Earl Enterprises online tool link provided in the report below from KrebsonSecurity to see if your card may have been affected. To read the full report, follow the KrebsOnSecurity link below.  If you determine your EEFCU EMV Debit Card has been affected, give us a call.

According to a report by KrebsOnSecurity, specifics on how many customers may have been impacted by the 10-month long breach remain unknown. It appears that virtually all Buca di Beppo locations in the U.S. and a few of the Earl of Sandwich and Planet Hollywood locations were impacted, along with a handful of Earl Enterprises’ lesser-known brands.

In a statement posted to its Web site today, Orlando, Fla. based hospitality firm Earl Enterprises said a data breach involving malware installed on its point-of-sale systems allowed cyber thieves to steal card details from customers between May 23, 2018 and March 18, 2019.

Earl Enterprises did not respond to requests for specifics about how many customers total may have been impacted by the 10-month breach. The company’s statement directs concerned customers to an online tool that allows one to look up breached locations by city and state.

According to an analysis of that page, it appears the breach impacts virtually all 67 Buca di Beppo locations in the United States; a handful out of the total 31 Earl of Sandwich locations; and Planet Hollywood locations in Las Vegas, New York City and Orlando. Also impacted were Tequila Taqueria in Las Vegas; Chicken Guy! in Disney Springs, Fla.; and Mixology in Los Angeles.

The company says online orders were not affected.

Cardholders are not responsible for fraudulent charges, but your bank isn’t always going to detect card fraud. That’s why it’s important to regularly review your monthly statements and quickly report any unauthorized charges.