P.F. Chang’s Customer Credit Card Data Leaked and For Sale

Chinese restaurant chain P.F Chang’s has apparently had quite a serious data breach, with credit card details of customers appearing on an online marketplace for dumps and other material. Brian Krebs has a brief summary as to what he discovered. The nationwide chain, which is based in Scottsdale, AZ has over two hundred locations. The company has responded by creating an online clearinghouse for information relating to the breach.

A statement placed on the aforementioned page by CEO Rick Federico claims that they first learned of the breach on June 10 and that they – with help from the Secret Service have “have concluded that data has been compromised,” which I guess officially confirms that the information that has been leaked is indeed genuine. The statement continues to describe their efforts at mitigation which include their chains falling back to “a manual credit card imprinting system for all P.F. Chang’s China Bistro branded restaurants located in the continental United States.” Unfortunately this is rapidly turning into a P.R. nightmare for the chain, with the story today being picked up by USA Today, amongst others.

This again goes to show that failing to secure your customer’s sensitive information can result in very real consequences that far exceed the damage of the initial compromise. This can include potential legal action, compliance investigations and perhaps most importantly – potentially irrepreable damage to the trust that your business with your clients. If you can avoid storing the card data in house and can offload that risk to your card processing organization, then all the better.

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s