The global Italian food market Eataly confirmed that it was the victim of a data breach earlier this year that could have compromised the data of all payment cards used over a nearly four-month period.
It appears that only Eataly's NYC Retail Marketplace was affected, and not the on-premise Eataly NYC restaurants or other global locations, the company said in a statement. Anyone who purchased something at the marketplace between January 16, 2015 and April 2, 2015 could have financial card payment data at-risk.
The company wrote that it believes malware on its systems captured the date in real time, as Eataly doesn't store payment information on its systems. The company also brought in outside forensic experts to assist in the investigation and render the malware inoperable. The situation is contained, the company said.
Customers can sign up for complimentary fraud resolution and identity protection services by emailing eataly[at]protectmyid[dot]com.