The Federal Trade Commission approved a final settlement order with Dave & Buster's Holdings Inc., an entertainment and restaurant chain. The final order settles charges that the company failed to secure customers' sensitive credit and debit card information, resulting in "several hundred thousand dollars" in fraudulent charges. The FTC did not release an exact total.
The company was hacked in mid-2007 by an intruder who installed unauthorized software and intercepted data sent from the restaurants to credit card processing companies, the FTC reports. An estimated 130,000 credit and debit cards were affected, the FTC said in its original complaint. The company has 53 restaurants.
"After learning of the breach, respondent (Dave and Buster's) took steps to prevent further unauthorized access and to notify law enforcement and the credit card companies of affected consumers," the complaint said.
The settlement requires Dave & Buster's to put in place a comprehensive security program. Officials at Dave and Buster's declined comment.