2 million credit cards’ data stolen from Buca di Beppo, Planet Hollywood, others

A large-scale data breach has affected millions of diners — find out if you’re one of them


Earl Enterprises recently announced a security breach that affected millions of diners at its popular restaurants. Find out if your credit card information has been hacked today.

The content on this page is accurate as of the posting date; however, some of our partner offers may have expired. Please review our list of best credit cards, or use our CardMatch™ tool to find cards matched to your needs.

More than 2 million credit cards were compromised in a data breach that affected restaurant chains Buca di Beppo, Planet Hollywood and others.

If you ate at an Earl Enterprises restaurant — which includes Planet Hollywood, Buca di Beppo, Chicken Guy!, Mixology, Tequila Taqueria and Earl of Sandwich — between May 23, 2018 and March 18, 2019, your credit card may have been hacked.

The company announced on March 29 that hackers had installed malicious software on its point-of-sale systems at its different restaurants and that more than 2 million credit cards were compromised.

The company said any online orders customers made through third-party apps were not affected by the breach. In addition, Earl Enterprises’ Bertucci’s, Seaside on the Pier and Café Hollywood restaurants were not affected, nor were Planet Hollywood hotels and resorts.

If you’re concerned that your information might have been taken in the hack, you can use the Earl Enterprises online tool to look up the restaurant where you ate and see if you’ve been affected.

See related:  How to protect your personal information when booking travel

The discovery

The hackers advertised the stolen credit card information on an online forum called Joker’s Stash, where people buy and sell hijacked debit and credit card numbers.

Cybersecurity journalist Brian Krebs discovered the advertised numbers on that website on Feb. 21 and reported the information to Buca di Beppo.

The breach affects all 67 Buca di Beppo restaurants in the U.S.; a few of the 31 Earl of Sandwich locations; the Las Vegas, New York and Orlando Planet Hollywood locations; Tequila Taqueria in Las Vegas; Chicken Guy! in Disney Springs, Florida, and Mixology in Los Angeles.

The malicious software captured cardholders’ payment card information, which might have included card numbers, expiration dates and even cardholder names.

What Earl Enterprises is doing

“Once we learned of a potential incident, we promptly launched an internal investigation and engaged two leading cybersecurity firms,” Earl Enterprises said in a statement. “As part of the investigation, we have been in contact with federal law enforcement officials and are cooperating with them.”

Earl Enterprises says it has contained the incident and is working with security professionals to prevent future attacks.

See related:  As data breaches increase, here’s how to cut your identity fraud risk

What you should do

Make sure you review your credit and debit card statements carefully and check for any unauthorized activity.

If you see a fraudulent charge, contact your card issuer immediately. Typically, cardholders are not responsible for this type of activity, but you must report it as soon as possible.

Earl Enterprises has presented a reference guide for customers to review. The “Information about Identity Theft Protection” document lists other steps you can take to protect yourself against identity theft.

Editorial Disclaimer

The editorial content on this page is based solely on the objective assessment of our writers and is not driven by advertising dollars. It has not been provided or commissioned by the credit card issuers. However, we may receive compensation when you click on links to products from our partners.

Credit Card Rate Report
Cash Back

Questions or comments?

Contact us

Editorial corrections policies

Learn more