Landry’s Inc.

Houston based Landry’s Inc. is the latest hospitality industry company to suffer a cyber security breach. Landry’s acknowledged the investigation of the breach in a press release on December 17, 2015 stating they had received reports of unauthorized charges on credit or debit payment cards that customers used legitimately at some of the restaurants under their management. The breach started approximately in May 2015.

Landry’s said they began an investigation as soon as they learned of the reports of unauthorized charges and have also retained a cyber security specialist company to do an investigation into the source of the breach and the extent of compromise to their customer’s personal information. Landry’s is also investigating in conjunction with the payment card providers and processor.

Due to the early stages of the investigation, the statement from Landry’s was limited in information; however, subsequent information provided by the company did expound on more details like the stores affected by the breach and the approximate dates that the breach may have occurred.  The company did try to reassure its customers of their willingness to work steadfastly with customers that may have been affected and in their statement had highlighted in yellow the following:

Individuals that timely report unauthorized charges to the bank that issued the card are generally not responsible for such unauthorized charges. Accordingly, we encourage all consumers to follow good practices by regularly reviewing their payment card accounts and timely reporting unauthorized charges.

We want to assure our customers that protecting their payment card information is a top priority and are working non-stop to complete the investigation.  System  changes  that  we  began  implementing  even  before  we  were  apprised  of  the  reports  of  unauthorized  usage  have  already  been  made,  both  to  the  specific  restaurants  where  the  suspect  activity  occurred  as  well  as  the  overwhelming  majority  of  our  restaurants.  The  new,  enhanced  payment  system  encrypts  the  card  data  throughout  our  processing  system.

The statement went on to say that though they did not know the extent of the security breach at this time, as the investigations are ongoing, they are taking it very seriously and felt it was important to inform their customers in an over abundance of caution.

In addition, Landry’s included a Frequently Asked Questions (FAQs) section to help its customers explain some of the basic information they may have questions about in regards to the breach and what to do if they believe their payment card has been compromised. Below is a  list of the now identified, affected restaurants. To determine the breach dates and states, you can visit this page.

• Aquarium Restaurant
• Babin’s Seafood
• Big Fish
• Brenner’s Steakhouse
• Bubba Gump Shrimp Co.
• Cadillac Bar
• Capi’s Italian Kitchen
• Charley’s Crab
• Chart House
• Claim Jumper
• Company Store
• Fish Tales
• Flying Dutchman
• Galveston Convention Center
• Gandy Dancer
• Golden Nugget in Laughlin, Atlantic City, Biloxi, Lake Charles and Las Vegas
• Grand Concourse
• Grotto
• Kemah Boardwalk
• La Griglia
• Landry’s Seafood
• Mai Tai Bar
• Mastro’s
• McCormick & Schmick’s
• Meriweather’s
• Mitchell’s Fish Market
• Morton’s Grille
• Oceanaire Seafood Room
• Peohe’s
• Pleasure Pier
• Rainforest Cafe
• River Crab
• Rusty Pelican
• Saltgrass Steak House
• San Luis Resort
• SHe
• Simms Steakhouse
• T-REX Cafe
• Tower of the Americas
• Trevi’s
• Willie G’s
• Vic & Anthony’s
• Yak & Yeti

Additional Resources About This Breach:

https://www.landrysselect.com/pdf/LSCMap.pdf

http://krebsonsecurity.com/2015/12/banks-card-breach-at-landrys-restaurants/

http://www.khou.com/story/news/local/2015/12/17/landrys-credit-card-security-breaches-reported/77515400/

http://www.landrysinc.com/protectingourcustomers/Locations.asp?loc=LDRY