Hundreds of Restaurants Involved in Landry’s Data Breach
Landry’s Inc. has notified customers about a data breach impacting many restaurant chains across the United States. Affected brands include Bubba Gump Shrimp Company, Joe’s Crab Shack, McCormick & Schmick’s, Blue Water Grill, Claim Jumper, Del Frisco’s Grille, Dos Caminos, Mitchell’s Fish Market, Rainforest Café, Vic & Anthony’s Steakhouse, and many other establishments.
In their official statement, Landry’s indicates their properties have two types of payment processing terminals. One type is designed to process card data through secure end-to-end encryption. The other terminal is mostly made for order entry. Landry’s says that waitstaff mistakenly processed payments on the order entry terminals instead of the payment terminals, thereby exposing card data.
Between March 13, 2019 and October 17, 2019, malware was installed on the order-entry terminals to collect cardholder names, card numbers, expiration dates, and internal verification codes. Some locations were affected as early as January 18, 2019.
Landry’s has removed the malware on the system and enhanced security measures. They have also re-trained waitstaff to ensure they use the correct terminals for payment processing. The company advises potentially affected customers to monitor their card statements for unauthorized charges and report them immediately.
Landry’s Select Club rewards cards were not impacted by the data breach.