The payment card information of individuals who visited Roy’s Hawaii restaurants in Ko’Olina, Waikiki, Kaanapali, Poipu, and Waikoloa between February 1, 2013 and February 25, 2013, might have been stolen by cybercriminals.
Roy’s Holdings, Inc., which owns the impacted establishments, started notifying customers last week.
According to the data incident notice, a piece of malware of unknown origin was identified on the desktop computer of a corporate employee.
After the breach was discovered, several independent security and forensics investigators were called in to analyze the breach. Additional security measures have been implemented to avoid future incidents.
The breach has been reported to the US Secret Service, Visa, MasterCard, Discover and American Express. Customers are advised to keep an eye on their account statements and place a fraud alert on their credit files.
It’s uncertain how many data records have been compromised and why Roy’s has waited so long to notify impacted individuals.