Advertisement

P.F. Chang’s in Newport affected by credit card data breach

P.F. Chang's China Bistro Ltd. said Monday that the company experienced a data breach involving customers' credit and debit card information which affected 33 restaurants in 16 states.
P.F. Chang’s China Bistro Ltd. said Monday that the company experienced a data breach involving customers’ credit and debit card information which affected 33 restaurants in 16 states.
(Scott Olson / Getty Images)
By Brianna Sacks
Share

P.F. Chang’s China Bistro Inc. has provided new details about a security breach discovered in June, saying customer data may have been stolen from 33 restaurants in 16 states, including eight in California.

Among those was the chain’s Fashion Island location in Newport Beach. According to a list posted on the P.F. Chang’s website, data may have stolen from customers who visited the Newport restaurant between Oct. 19 and April 10.

A location at Irvine Spectrum Center was not affected, according to the list.

The restaurant chain said Monday that credit card numbers, expiration dates and, in some cases, cardholder names were stolen during an eight-month period. However, the chain has not yet determined whether “any specific cardholder’s credit or debit card data was stolen by the intruder,” according to Chief Executive Rick Federico.

Advertisement

P.F. Chang’s confirmed the data breach June 13, three days after the U.S. Secret Service alerted the chain that its credit card processing systems may have been hacked. The company said the breach occurred between Oct. 19 and June 11.

The intrusion was first reported by security blogger Brian Krebs, who said on his website that banks reported that data from thousands of customers had been pilfered from locations in Florida, Maryland, New Jersey, Pennsylvania, Nevada and North Carolina and was being sold online.

Federico said P.F. Chang’s conducted an internal investigation with the help of forensic data experts and determined the 33 locations that were affected and the specific time frames the credit card processing system was compromised for each.

He also said the company has been processing card data securely since June 11.

The list of all 33 locations, as well as the periods when cards may have been compromised, can be found at pfchangs.com/security.

P.F. Chang’s has about 211 locations in the United States and abroad. The company also operates Pei Wei Asian Diner, which has more than 190 U.S. locations, none of which was compromised, the company said.

- Jill Cowan contributed to this report.

Advertisement