P.F. Chang's Investigates Data Breach
Restaurant chain P.F. Chang’s China Bistro is the latest retailer to suffer a data breach, according to security blogger Brian Krebs.
Krebs blog, Krebs On Security, reported that thousands of cards appeared on June 9 on an underground website where many cards stolen during the 2013 Target data breach had been sold. Upon inquiry with several banks, Krebs discovered the cards been used at a P.F. Chang’s during the first three weeks of March.
The Scottsdale, Ariz.-based chain has 209 restaurants in the U.S. and 39 in other countries. A spokesman for the company confirmed it is investigating a possible breach.
“P.F. Chang’s takes these matters very seriously and is currently investigating the situation, working with the authorities to learn more. We will provide an update as soon as we have additional information,” the spokesman said.
Krebs reported that restaurants in Florida, Maryland, New Jersey, Pennsylvania, Nevada and North Carolina were caught up in the breach and that data from roughly 5,000 cards were among the first sales offering. Prices for the card data, depending on the card, range from $18 to $140 per card, Krebs said.
The last large sale of stolen card data reported came from a breach at the Sally Beauty retail chain.
NAFCU CEO Dan Berger seized on the reported breach to express credit union frustration with the slow pace of federal legislation mandating a nationwide standard for data security and notification when breaches occur.
“It has been almost six months since Target’s data breach, and we still have no new data security standards for retailers,” Berger said. “Since Target, there has been a major data breach discovered almost every month. The continued lack of national data security standards is an open invitation to cyber criminals.”
Berger cited a report from Intel Security and the Center for Strategic and International Studies that said the U.S. pays $100 billion per year due to cybercrime.