Landry's Inc. and its affiliated Golden Nugget Hotels and Casinos have outlined payment card data breaches that reach back to May 2014 and affect restaurant, gaming and hotel brands in more than 30 states and Canada.
The Houston-based Landry’s said in a press release late Friday that its investigation, announced Dec. 17, 2015, has found suspected breaches at more than 40 of its brands.
Landry’s, which owns such dozens of brands such as Bubba Gump Shrimp, McCormick & Schmick’s, Morton’s, Oceanaire Seafood Room, Rainforest Café and Saltgrass Steakhouse, said it hired a cyber-security firm and law enforcement officials to investigate its payment card systems after the first reports of suspicious activity.
“Because the companies understand the importance of protecting payment card information, they have been working tirelessly to complete the previously announced payment card investigation,” Landry’s said.
Landry’s said the probe found computer attackers installed a program on payment processing devices at some of its restaurants, food and beverage outlets, spas, entertainment destinations and managed properties.
“The program was designed to search for data from the magnetic stripe of payment cards that had been swiped (cardholder name, card number, expiration date and internal verification code) as the data was being routed through affected systems,” the company said.
A list of brands, locations and dates affected has been posted on Landry’s website.
Landry’s said it implemented enhanced security measures, including end-to-end encryption, to prevent a similar issue in the future and continued to work with law-enforcement agencies.
“The companies are also working closely with the payment card networks to identify potentially affected cards so that the card issuers can be made aware and initiate heightened monitoring of those accounts,” Landry’s said, adding that it would mail letters or send emails to those it could identify.
Restaurants have become frequent targets for payment-card data thieves. In the past two years, Chick-fil-A, Elephant Bar, Jimmy John’s and P.F. Chang’s have acknowledged credit card breaches.
The Wendy’s Co. said Jan. 27 that it was investigating a possible credit card breach as some of its 6,500 restaurants. A spokesman for the Dublin, Ohio-based quick-service chain sit it had received “reports of unusual activity involving payment cards at some restaurant locations” and had hired a security company to investigate.
Landry’s said customers with questions about their payment card use at restaurants and Golden Nugget locations can call (877) 238-2151 in the U.S. and Canada Monday through Friday from 9 am to 7 pm EST.