P.F. Chang's data breach hits 33 restaurants in 16 states

P.F. Chang's is providing more details on its ongoing investigation into a security breach first reported in June. The list of P.F. Chang's restaurant locations where customers' credit and debit card data may have been stolen includes 33 locations across the United States. 

P.F. Chang's is providing more details on its ongoing investigation into a security breach, saying data may have been stolen from certain credit and debit cards used at 33 P.F. Chang's China Bistro restaurants in the U.S.

P.F. Chang's confirmed in June that data from credit and debit cards used at its restaurants was stolen, but didn't specify the locations at that time. On Monday the company provided a list of locations. These include P.F. Chang's restaurants in Baltimore; St. Louis; Pittsburgh; Austin, Texas; and Charlotte, North Carolina.

A list of all 33 locations, as well as the dates that cards may have been compromised, can be found at pfchangs.com/security. The company said that potentially stolen data includes the card number and may also include the cardholder's name and/or the card's expiration date in some instances.

P.F. Chang's said that it's continuously working to understand the nature and scope of the incident. It says the security compromise has been contained and that it has been processing credit and debit card data securely since June 11.

The restaurant operator noted that as the investigation continues it may identify other locations where data may have been compromised or other date ranges.

P.F. Chang's China Bistro Inc., based in Scottsdale, Arizona, owns its namesake restaurants and Pei Wei Asian Diners. The company was taken private in 2012 by Centerbridge partners LP for about $1.1 billion.

Data breaches have occurred at other major U.S. corporations recently, including Target Corp., Neiman Marcus, Sally Beauty Holdings Inc. and Michaels Stores Inc.

The full statement from P.F. Chang's is below: 

"On Tuesday, June 10, the United States Secret Service alerted P.F. Chang's to a possible security compromise involving credit and debit card data reportedly stolen from certain P.F. Chang's China Bistro branded restaurants located in the continental United States. An investigation into this incident was immediately initiated. Our team, including third-party forensics experts, has been working continuously to understand the nature and scope of the incident. This investigation is ongoing. The security compromise, however, has been contained, and P.F. Chang's has been processing credit and debit card data securely since June 11, 2014.

We have determined that the security of our card processing systems was compromised, and we have reason to believe that the intruder may have stolen some data from certain credit and debit cards that were used during specified time frames at 33 P.F. Chang's China Bistro branded restaurant locations in the continental United States. The potentially stolen credit and debit card data includes the card number and in some cases also the cardholder's name and/or the card's expiration date. However, we have not determined that any specific cardholder's credit or debit card data was stolen by the intruder.

Please visit pfchangs.com/security for a list of the 33 restaurant locations from which we believe credit and debit card data may have been stolen and, for each location, the time frame during which we believe the possibly compromised cards were used by guests at that location. At that site guests can also learn more about the identity protection services being provided for all potentially affected guests. Given the continuing nature of the investigation, other time frames, locations or findings may be identified; therefore, we encourage you to check the site periodically for future updates.

P.F. Chang's encourages its guests to remain vigilant and seek to protect against possible identity theft or other financial loss by reviewing account statements for any unusual activity, notifying their credit card companies, and monitoring their credit reports. Under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit bureaus. To obtain a free credit report, visit www.annualcreditreport.com or call, toll-free, (877) 322-8228.

At no charge, P.F. Chang's guests can also have these credit bureaus place a “fraud alert” on their files that alerts creditors to take additional steps to verify their identity prior to granting credit in their names. Please note, however, that because it tells creditors to follow certain procedures to protect the individual's credit, it may also delay the ability to obtain credit while the agency verifies the individual's identity. As soon as one credit bureau confirms an individual's fraud alert, the others are notified to place fraud alerts on that individual's file. Any individual wishing to place a fraud alert, or who has questions regarding their credit report, can contact any one of the following agencies: Equifax, P.O. Box 105069, Atlanta, GA 30348-5069, 800-525-6285, www.equifax.com; Experian, P.O. Box 2002, Allen, TX 75013, 888-397-3742, www.experian.com; or TransUnion, P.O. Box 2000, Chester, PA 19022-2000, 800-680-7289, www.transunion.com. Information regarding security freezes may also be obtained from these sources.

The Federal Trade Commission (FTC) also encourages those who discover that their information has been misused to file a complaint with them. To file a complaint with the FTC, or to obtain additional information on identity theft and the steps that can be taken to avoid identity theft, the FTC can be reached at: 600 Pennsylvania Avenue NW, Washington, D.C. 20580, or at www.ftc.gov/bcp/edu/microsites/idtheft/ or (877) ID-THEFT (877-438-4338); TTY: (866) 653-4261. State Attorneys General may also have advice on preventing identity theft, and instances of known or suspected identity theft should be reported to law enforcement, the Attorney General in the individual's state of residence, and the FTC. Individuals can also learn more about placing a fraud alert or security freeze on their credit files by contacting the FTC or their state's Attorney General. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001, 919) 716-6400, www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202, (888) 743-0023, www.oag.state.md.us.

We regret any inconvenience this security compromise may have caused our guests. To better assist our guests whose card data may potentially have been affected, P.F. Chang's has established a confidential hotline to answer questions. This hotline is available Monday through Saturday, 8:00 a.m. to 8:00 p.m. C.S.T. and can be reached at 1-877-412-7152. Guests can also visit pfchangs.com/security for additional information."

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to P.F. Chang's data breach hits 33 restaurants in 16 states
Read this article in
https://www.csmonitor.com/Business/Latest-News-Wires/2014/0804/P.F.-Chang-s-data-breach-hits-33-restaurants-in-16-states
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe