Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

P.F. Chang’s Data Breach Could Go Back Months

The breach at P.F. Chang’s China Bistro may have stretched on longer than some thought.

According to reports, the breach may go back as far as September 2013, roughly nine months before it was first discovered. 

The breach at P.F. Chang’s China Bistro may have stretched on longer than some thought.

According to reports, the breach may go back as far as September 2013, roughly nine months before it was first discovered. 

According to Krebs on Security, Visa issued an alert June 17 to a bank notifying them that hundreds of cards were exposed Sept. 18, 2013. Though the alert did not specifically mention P.F. Chang’s, the bank had purchased more than a dozen cards being sold on a cybercrime forum that has been exclusively selling cards stolen from P.F. Chang’s. Every one of the cards was listed in the alert from Visa, according to Krebs.

P.F. Chang’s did not respond immediately to a request for comment. Previously, the restaurant chain said it learned of the compromise June 10, and immediately began cooperating with the U.S. Secret Service as well as third-party forensics experts.

“At P.F. Chang’s, the safety and security of our guests’ payment information is a top priority,” spokesperson Anne Deanovic said in a statement June 12. “Therefore, we have moved to a manual credit card imprinting system for all P.F. Chang’s China Bistro branded restaurants located in the continental United States. This ensures our guests can still use their credit and debit cards safely in our restaurants as our investigation continues.”

If the breach did stretch on for nine months, it would not be the first time that significant time went by before a security breach was plugged. According to the Verizon’s 2014 Data Breach Investigations Report, weeks and months often went by in the cases they investigated in 2013 before the breach was discovered. The Target breach went undiscovered for more than two weeks before the attack was uncovered.

TK Keanini, CTO of Lancope, said that the incident shows that early forms of detection need to be implemented by businesses to keep this from happening “over and over again.”

“The detection here is much too late in the chain of events as the retailer is only made aware that they have been compromised when someone finds their stolen customer data on the black market,” he said. “While this is a form of detection, it is the most expensive form.”

According to reports, banks reported the cards were stolen from P.F. Chang’s China Bistro restaurants in Maryland, Florida, Pennsylvania, Nevada and North Carolina. There are more than 200 of the restaurants in the United States. The company also operates Pei Wei Asian Diner, which has roughly 200 locations as well, but that chain has not been implicated in the breach. 

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack