The data breach at P.F. Chang’s China Bistro Ltd. affected 33 restaurants in the continental United States, according to the company’s statement Monday. The investigation into the breach is ongoing, so more restaurants could be involved.
The company explained that the problem was contained and it has been securely processing credits and debit card data since June 11. The Wall Street Journal notes that the U.S. Secret Service flagged a possible security problem June 10, though it hasn’t been determined whether any specific customer data was stolen.
P.F. Chang’s first disclosed the breach and investigation in June, saying it was cooperating with the Secret Service and third-party forensics experts to find out who was responsible for the crime. Chief Executive Rick Federico stated Monday:
“We are committed to providing support and resources, including complimentary identity protection services, for all guests that may potentially be affected by the security compromise.”
The data breach affected P.F. Chang’s locations across the United States, from California to New York. All restaurants affected are listed on the company’s website.
USA Today notes that the security breach affected the company’s card processing systems from October 19, 2013 through June 11, 2014. Frederico noted that the company initiated an internal investigation to assess the extent of the breach. He added that the company believes the intruder may have stolen credit and debit card numbers, names, and expiration dates for some customer’s cards.
The internal investigation, which included help from forensic data experts from a third party contractor, determined the 33 locations involved in the data breach. The team also uncovered the time frames the card processing system was compromised for each location. The restaurant chain has 211 P.F. Chang’s locations in the United States and 192 Pei Wei Asian Diner restaurants. The data only affected the P.F. Chang’s chain.
If you dined at any of the listed locations between the dates noted, you are advised to review your financial records to see if any fraudulent activity has happened since that time. P.F. Chang’s also recommends visiting their Security page, where they can answer any questions customers have about the compromise. The page includes contact information for Credit Reporting Bureaus, the Federal Trade Commission, and state Attorneys General for individual states.
The company will also provide identity protection services for customers who may have been affected by the breach. P.F. Chang’s did not say who may be responsible for the data breach or when they will release more information.
[Image: NBC News]