April Fools is over, and there’s no kidding anymore. Millions of customers of a known restaurant chain have had their data exposed on the internet for anyone to see, including high-risk information such as credit card numbers. The breach was only confirmed by the restaurant chain on Monday and was determined to have been exposed for the last ten months in an unsecured database.
Credit card information belonging to two million Earl Enterprise restaurant customers was leaked, and the company confirms that the data had been exposed for ten months before the breach was spotted. The company, which owns establishments such as Planet Hollywood and Mixology, among others, confirmed that its customers' data is currently being sold online following the breach. While the company has fixed the breach, it urges its customers to keep an eye on their credit card statements, especially if they have recently visited an Earl Enterprise store.
KrebsOnSecurity discovered the breach and contacted Earl Enterprise after its researchers found “strong evidence” that customer credit card and debit card numbers were being sold online. The cybersecurity experts said that hackers used “malware installed on its point-of-sale systems” to steal 2.15 million credit card and debit card numbers, expiration dates, and some cardholder names from the chain's restaurant locations across 40 states.
Earl Enterprise confirmed that the cyber attack happened between May 2018 and March 2019 and that the incident has been “contained.” The affected restaurants include Buca di Beppo, Chicken Guy!, Mixology, Earl of Sandwich, Planet Hollywood, and Tequila Taqueria outlets.
Following the discovery of the breach, the company has put up a website where customers can check whether the restaurants they visited were among the affected locations. It clarified that while credit card information was stolen from its POS systems, online orders were not impacted by the breach.
Stolen data are being sold online
The confirmed cyber attack on Earl Enterprise is the latest in the wave of data breaches that have affected companies all over the world in the past couple of years. Last month, millions of user records from six different companies were offered for sale online by a hacker who had previously sold three batches of similar data.
The hacker or hacker group named Gnosticplayers has put up for sale the data from six different companies, totaling 26.42 million user records, offered to anyone willing to pay 1.2431 bitcoin ($4,940.00).
Since February 11, the hacker/group has put up for sale data from more than 32 companies on Dream Market, a dark web marketplace. Today, the hacker published a new batch of files from six new companies: the game dev platform GameSalad, the Brazilian book store Estante Virtual, the online task manager and scheduling apps Coubic and LifeBear, the Indonesian e-commerce giant Bukalapak, and the Indonesian student career site YouthManual.
The data from the popular game development platform GameSalad, which was hacked in February 2019, includes email addresses, passwords (SHA1/SHA256), usernames, and IP addresses of users. The data from the Brazilian book shop Estante Virtual includes names, usernames, passwords (SHA1), addresses, emails, and phone numbers. The hacker/s is/are also selling data from Coubic, scheduling software, that includes names, emails, and passwords, as well as data from LifeBear, a Japanese scheduling app. The hacked data from Bukalapak, an Indonesian e-commerce website breached in July 2017, includes usernames, names, email addresses, password hashes (SHA512+salt), shopping details, and IP addresses. Lastly, the on-sale data also includes names, emails, password hashes, hobbies, and education details of users from the Indonesian youth and career site YouthManual.
According to the hacker/s, the main reason that the data are on sale right now is that the said companies have failed to protect their data and passwords with robust encryption algorithms like bcrypt.
According to Gnosticplayers, most of the hashed passwords that they have put on sale today can be cracked with various levels of difficulty – but they can be broken.
“I get upset because I feel no one is learning. I just felt upset at this particular moment, because seeing this lack of security in 2019 is making me angry,” the hacker added.