Houston-based dining giant, Landry’s, recently revealed that more than 60 of its restaurants had been affected by a data breach.
The breach was the result of malware that infected its order-entry system, which allows waitstaff to enter kitchen and bar orders and swipe Landry’s Select Club rewards cards.
However, in a notification, Landry said: “in rare circumstances, it appears waitstaff may have mistakenly swiped payment cards on the order-entry systems,” allowing attackers to steal customers’ payment card information.
“The payment cards potentially involved in this incident are the cards mistakenly swiped on the order-entry systems. Landry’s Select Club rewards cards were not involved.”
After a 2015 payment card breach, Landry’s began using POS systems secured by end-to-end encryption. Landry’s order-entry system, however, was not protected with the same technology. As a result, the malware was able to successfully target the restaurant’s order-entry system.
The malware, which was on the systems between March 13 and Oct. 17, 2019, was able to steal the cardholder’s name, card number, expiration date, and internal verification code.
Landry’s, which operates Del Frisco’s Grill, McCormick & Schmick’s, Rainforest Cafe, and many more, did not disclose how many customers were impacted by the breach.