Houston based Landry’s Inc. is the latest hospitality industry company to suffer a cyber security breach. Landry’s acknowledged the investigation of the breach in a press release on December 17, 2015 stating they had received reports of unauthorized charges on credit or debit payment cards that customers used legitimately at some of the restaurants under their management. The breach started approximately in May 2015.
Landry’s said they began an investigation as soon as they learned of the reports of unauthorized charges and have also retained a cyber security specialist company to do an investigation into the source of the breach and the extent of compromise to their customer’s personal information. Landry’s is also investigating in conjunction with the payment card providers and processor.
Due to the early stages of the investigation, the statement from Landry’s was limited in information; however, subsequent information provided by the company did expound on more details like the stores affected by the breach and the approximate dates that the breach may have occurred. The company did try to reassure its customers of their willingness to work steadfastly with customers that may have been affected and in their statement had highlighted in yellow the following:
Individuals that timely report unauthorized charges to the bank that issued the card are generally not responsible for such unauthorized charges. Accordingly, we encourage all consumers to follow good practices by regularly reviewing their payment card accounts and timely reporting unauthorized charges.
We want to assure our customers that protecting their payment card information is a top priority and are working non-stop to complete the investigation. System changes that we began implementing even before we were apprised of the reports of unauthorized usage have already been made, both to the specific restaurants where the suspect activity occurred as well as the overwhelming majority of our restaurants. The new, enhanced payment system encrypts the card data throughout our processing system.
The statement went on to say that though they did not know the extent of the security breach at this time, as the investigations are ongoing, they are taking it very seriously and felt it was important to inform their customers in an over abundance of caution.
In addition, Landry’s included a Frequently Asked Questions (FAQs) section to help its customers explain some of the basic information they may have questions about in regards to the breach and what to do if they believe their payment card has been compromised. Below is a list of the now identified, affected restaurants. To determine the breach dates and states, you can visit this page.
- Aquarium Restaurant
- Babin’s Seafood
- Big Fish
- Brenner’s Steakhouse
- Bubba Gump Shrimp Co.
- Cadillac Bar
- Capi’s Italian Kitchen
- Charley’s Crab
- Chart House
- Claim Jumper
- Company Store
- Fish Tales
- Flying Dutchman
- Galveston Convention Center
- Gandy Dancer
- Golden Nugget in Laughlin, Atlantic City, Biloxi, Lake Charles and Las Vegas
- Grand Concourse
- Grotto
- Kemah Boardwalk
- La Griglia
- Landry’s Seafood
- Mai Tai Bar
- Mastro’s
- McCormick & Schmick’s
- Meriweather’s
- Mitchell’s Fish Market
- Morton’s Grille
- Oceanaire Seafood Room
- Peohe’s
- Pleasure Pier
- Rainforest Cafe
- River Crab
- Rusty Pelican
- Saltgrass Steak House
- San Luis Resort
- SHe
- Simms Steakhouse
- T-REX Cafe
- Tower of the Americas
- Trevi’s
- Willie G’s
- Vic & Anthony’s
- Yak & Yeti
Additional Resources About This Breach:
https://www.landrysselect.com/pdf/LSCMap.pdf
http://krebsonsecurity.com/2015/12/banks-card-breach-at-landrys-restaurants/
http://www.landrysinc.com/protectingourcustomers/Locations.asp?loc=LDRY