Earl Enterprises Inc., the company behind Planet Hollywood and other restaurant chains, has admitted that customer data, including credit card details, has been stolen from its point of sales network.

Detailed first by KrebsOnSecurity Friday, the hack was discovered after a database with credit and debit card details belonging to the company’s customers was found in February being sold on the darknet, a shady part of the internet reachable with special software.

The data is said to have dated back 10 months, with Earl Enterprises subsequently confirming that the data related to a period between May 23, 2018 and March 18, 2019.

“The incident has now been contained and the company continues to work diligently with security experts on further remediation efforts,” the company said in a statement. “As part of the investigation, we have been in contact with federal law enforcement officials and are cooperating with them.”

In what has become far too common, the hack involved the insertion of malware into the company’s POS network to intercept and steal payment data. What isn’t clear is whether the infection first came via a POS terminal or at the network level.

Some 67 Buca di Beppo restaurants in the U.S. were affected by the hack, along with a handful of Earl of Sandwich stores. Planet Hollywood locations in Las Vegas, New York City and Orlando were also infected as well as Tequila Taqueria in Las Vegas, Chicken Guy! in Disney Springs, Florida, and Mixology in Los Angeles. Earl Enterprises is encouraging customers to review accounts and credit reports.

Francis Dinha, chief executive officer of OpenVPN Inc., told SiliconANGLE that point-of-sale systems are particularly attractive to hackers because they can net a big payoff with little work.

“These systems contain some of the most valuable information out there — financial, business, and credit — which is incredibly lucrative for hackers,” Dinha explained. “Especially considering that, often, a hacker need only break through a single point of vulnerability on a POS system in order to access an expansive trove of data.”

Dinha noted that POS systems often come with a lot of vulnerabilities, in a large part because they’re infrequently updated.

“Many companies avoiding updating their POS systems to avoid the hassle, which leaves those systems unpatched and exposed to attacks,” Dinha said. “Plus, POS systems are often connected to a weak network — that is, they’re often connected to the same network that all your other applications are on.”

Photo: Loadmaster/Wikimedia Commons