Nationwide Payment Card Hack at Major Restaurants

Landry's Data Breach

What happened? 

On December 17, Landry’s Inc., the parent company of over 40 U.S. restaurant chains, confirmed they were investigating a potential data breach of customer payment cards at a number of their restaurants.

Landry’s owns an expansive portfolio of hospitality brands including Morton’s Steakhouse, Bubba Gump Shrimp Factory, Rainforest Café, Claim Jumper and McCormick & Schmick’s, among others. In total, they own and operate more than 500 properties — many being seafood and steakhouses concentrated in popular tourist destinations.

It is not yet clear exactly which properties were involved in the compromise.

Brian Krebs, the investigative journalist credited with discovering the Target data breach, broke the story after corresponding with fraud analysts at numerous financial institutions. His sources linked a pattern of fraud on customer payment cards to Landry’s collection of restaurants.

They believe attack began in May 2015.

Restaurants are a prime target for credit card thieves, namely because they lack stringent payment security processes and rely heavily on their payment-processing vendor to secure sensitive card data. These possible weaknesses make inserting malware on their point-of-sale systems extremely effective.

Landry’s has since hired a cybersecurity firm and is working with their payment-processing vendor to investigate the matter.

What should you do?

Little is known about the size and scope of this potential attack. Consumers who used their payment card at any of Landry’s properties between May and December 2015, should take the following steps to secure their financial accounts.

  1. Review the list of potentially impacted restaurants
    Due to Landry’s extensive collection of restaurants, it’s vital that consumers — especially those who frequently dine out or travel — review the list of restaurants owned by Landry’s. If you used your payment card at one of these prosperities in the past 7 months, please take the necessary precautions to safeguard your financial accounts.
  1. Review bank and credit card statements
    Regularly review financial statements for signs of fraud. Contact your financial institution immediately if you believe your information has been compromised. Remember, you will not be liable for fraudulent charges as long as fraudulent transactions are reported quickly.
  1. Follow this developing story
    Fighting Identity Crimes will keep you updated as new information becomes available about the Landry’s data breach. Be sure to subscribe to our blog to stay up-to-date with the latest identity theft and fraud news.

The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.

John is General Counsel and Chief Privacy Officer of Sontiq, the parent company of the EZShield and IdentityForce brands. He is a Certified Compliance...
Read more about John Burcham.

Leave a Comment.