If you dined at one of the several hundred restaurants owned by Landry’s Inc. and paid by credit card, there is a chance your payment information may have been compromised in a data breach affecting the network supporting the restaurant group’s payment processing system.
The Houston, Texas-based company said in a Dec. 31 letter to its customers that it detected malware on the computer network used in its restaurants nationwide. Landry’s restaurants have been using point-of-sale terminals with encryption technology to process card payments since 2016. While credit card information collected by those systems hasn’t been affected, the malware can capture the payment information when a restaurant server mistakenly swipes a credit card on the unprotected devices used to enter kitchen and bar orders. Servers normally swipe customers’ Landry’s Select Club reward cards on those systems.
The company says that the breach may have affected credit cards used in its restaurants in an eight-month period spanning from March 13 to Oct. 17, 2019. The breach likely began as early as Jan. 18, 2019, in a small number of locations.
The malware searched for track data that include the cardholder’s name, card number, expiration date, and internal verification code, whenever a credit card was swiped on the order-entry systems.
The data breach affects about 600 restaurants in the Landry’s group, owned by billionaire Tilman Fertitta, who also acts as the company’s chairman, president and CEO. Landry’s owns more than 60 brands, including Landry’s Seafood House, Rainforest Cafe, Joe’s Crab Shack, and Bubba Gump Shrimp Co.
Landry’s urges its customers to closely review their credit card statements and monitor the activity on their cards. Anyone with questions about the reach is advised to call 833-991-1538 Monday-Friday from 9 a.m. to 9 p.m. Suspicious charges should be reported to the institution that issued the credit card immediately.