Millions of credit card numbers have been stolen from a series of popular chain restaurants in the latest massive data breach.
According to KrebsonSecurity, in late February strong evidence was discovered that stolen credit card numbers found for sale on the dark net originated at Buca di Beppo restaurants, indicating that a breach may have occurred at the chain, leaking customer data. Late March, Earl Enterprises, the parent company of Buca di Beppo and several other popular chain restaurants, released a statement confirming that the data breach could affect many of their associated brands:
“Earl Enterprises recently became aware of a data security incident potentially affecting payment card information of a limited number of guests that dined at certain of Earl Enterprises’ restaurants. Potentially affected restaurants include the following brands: Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology and Tequila Taqueria. We are providing this notice to our guests to inform them of the incident and steps they can take to help protect themselves. The security and privacy of our guests’ payment card data is a top priority, and Earl Enterprises deeply regrets that this incident occurred.”
According to Earl Enterprises, payment information, including complete card information, may have been leaked over nearly a one-year period:
“The malicious software was designed to capture payment card data, which could have included credit and debit card numbers, expiration dates and, in some cases, cardholder names. Although the dates of potentially affected transactions vary by location, guests that used their payment cards at potentially affected locations between May 23, 2018 and March 18, 2019 may have been affected by this incident. Online orders paid for online through third-party applications or platforms were not affected by this incident.”
While Earl Enterprises did not disclose the estimated number of cards potentially affected, KrebsonSecurity estimated 2.1 million+ cards may have been leaked, affecting millions of customers.
Weaknesses and drawbacks of cards keep piling up
Bitrefill customers unaffected. https://t.co/FtpJ04hE1p https://t.co/AF6XvII317
— Bitrefill (@bitrefill) April 1, 2019
Credit and debit cards, currently at the top of the payments space, have nonetheless recently displayed a series of disadvantages. This recent incident compromising millions of customer cards comes only several months after Marriott hotels experienced a massive breach, affecting the information of a half-billion guests, including many credit cards. Visa and Mastercard recently announced a fee spike coming this year, further straining merchants paying high fees to process card payments. The US government is also considering sanctions on Visa and Mastercard to block financial services to Venezuela.
Cryptocurrency’s advantage in giving users direct control over their funds
The mounting issues piling up with card payment systems continue to draw comparisons with cryptocurrency. Famously, many proponents of Bitcoin, including former prominent Bitcoin Core developer Peter Todd, believe that crypto payments cannot realistically compete with credit cards for everyday payments, likely due to high transaction fees and confirmation times. Coins such as Dash, however, may be much better-suited competitors to cards, with instant confirmation functionality and low fees, and a host of competitive advantages over cards, most notably the user’s control over their own funds and inability to be compromised after a data breach similar to recent issues with Marriott and Earl Enterprises. What cryptocurrencies including Dash presently lack, however, is very wide retail adoption, presenting a key barrier to the switch from cards.
In the interim, several services such as Bitrefill and the recently-integrated eGifter provide fast access to gift cards for Dash, bridging the barrier to access to major retail brands. Gift cards, while a workaround and not a direct payment method, nonetheless do not necessitate or compromise customer personal or financial information and are not vulnerable to breaches such as the above-mentioned restaurant incident. Additionally, Bitrefill carries several gift cards to the restaurant chains affected in the attack.