The Massachusetts Attorney General’s office reached a settlement with The Briar Group, which owns and operates several popular bars and restaurants in the Boston area, including The Lenox, MJ O’Connor’s, Ned Devine’s, The Green Briar and The Harp. 

The settlement resolves allegations that the restaurant chain failed to take reasonable steps to protect its customers’ personal information, “thereby putting the payment card information of tens of thousands of consumers at risk,” according to Attorney General Martha Coakley.  “When consumers use their credit and debit cards at Massachusetts establishments, they have an expectation that their personal information will be propertly protected,” AG Coakley said.  “In this instance, the Briar Group did not take proper protections to protect customers’ personal information. In addition to the payment, this agreement also works to ensure that steps have been taken to protect consumer information moving forward.”

According to a lawsuit filed,  in April 2009 the Briar Group experienced a data breach when malcode installed on the company’s computer system allowed hackers access to customers’ credit and debit card information, including names and account numbers.   Also according to the lawsuit, the malcode was not removed from the Briar Group’s computers until December 2009.

Under the terms of the settlement, all The Briar Group’s restaurants must develop a security password manangement system and implement data security measures to protect its customers in the future.