Posted on April 1, 2019 at 8:12 PM
Earl Enterprises has taken over a month to remedy a breach, which may have lasted up to 10 months, in which the credit card information of 2 million of its customers was stolen.
KrebsOnSecurity stated that they had contacted Buca di Beppo on the 21st of February regarding a breach in their systems. According to the security and analysis website, they had found over 2 million credit card numbers on sale on the dark web. They had strong evidence pointing to a breach in American fast food giant Buca di Beppo's systems.
The point of ingress, according to KrebsOnSecurity, was the PoS (Point of Sale) machines used in their restaurants. Malware installed on these machines skimmed the card numbers, expiration dates and even names from some 2.15 million clients.
Earl Enterprises releases comment after a month
Earl Enterprises, a holding company that owns a number of popular fast-food brands, said the breach happened between the 23rd of May 2018 and the 18th of March 2019. They have, in their own words, contained the incident.
They stated that the breach had been found in several of its restaurants. Buca di Beppo was most severely impacted. Planet Hollywood, Earl of Sandwich, Chicken Guy!, Mixology and Tequila Taqueria were also impacted in this attack. The breach was present in over 40 states across the United States.
The company has set up a website for customers to check if they visited the locations that were exposed. They have also confirmed that orders made online were not affected in any way. Earl Enterprises has recommended that its customers check their bank accounts for any suspicious activity. If they do find any fraudulent transactions, they should notify the issuer immediately.
Earl Enterprises has been coy on the specifics of how many of its customers may have been affected. What is known is how many credit card details were made available for sale online. That much was reported by KrebsOnSecurity, but more specific figures have not been released.
The company added that while the cardholder is not responsible for fraudulent transactions, it is not wise to hope that your bank will detect all fraud. Regularly reviewing your bank statements and monthly transactions can help keep any potential future problems under lock and key.
Joker’s Stash and arcane naming rituals
The credit card dump was found on Joker’s Stash. The website specializes in selling large, fresh batches of credit card details to people who want to profit off them. The website is known for organizing various batches of details according to a codename.
This is done to enable purchasers to know which batch from which merchant is good. This then allows them to either ignore that batch codename or buy more stolen details from it and profit even more.
This focus on batches and nicknames does not always correlate to a specific merchant, but there are ways and means for regular users to find out what merchant has been attacked. This will then influence the overall price of future batches. An upscale merchant with fresh details can go for more than a budget merchant with stale card details.
It was through in-depth research that KrebsOnSecurity was able to determine that the cards had come from Buca di Beppo.
Malicious hackers typically take the card details and clone the cards, using a duplicated card to buy expensive items at retail locations offline. These locations are usually electronics stores and big box stores. This allows them to buy goods that sell quickly and easily for cash as “unwanted presents” or through fences with a stable network to sell through.