Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

P.F. Chang's Data Breach: Another Credit Card Compromise

June 16, 2014

As USA Today reported, P.F. Chang's China Bistro said Friday that there has been a breach involving data from customers' credit and debit cards used at its restaurants, confirming earlier reports.

After learning of the breach Tuesday, the company "initiated an investigation with the United States Secret Service and a team of third-party forensics experts to understand the nature and scope of the incident, and while the investigation is still ongoing, we have concluded that data has been compromised," P.F. Chang's CEO Rick Federico said in a statement.

He said the company has created a website for customers to receive updates and answers to their questions, and it has moved to a manual credit card imprinting system. The restaurant chain has 211 P.F. Chang's locations in the USA and 192 Pei Wei Asian Diner restaurants.

The original breach report came from cybersecurity blogger Brian Krebs, who has uncovered previous data breaches at retailers such as Target. He noted that customer data from thousands of credit and debit cards previously used at P.F. Chang's restaurants went up for sale on an underground store known for selling data from tens of millions of cards stolen in the Target breach. Banking sources said the cards had been used at P.F. Chang's locations from the beginning of March to May 19.

The most common way that thieves steal this type of card data is by hacking into cash registers at retail locations and planting malware that records magnetic stripe data when cards are swiped through the machines. Criminals then re-encode that data onto new counterfeit cards and use them to purchase expensive items they can sell for cash. This was the method used in the Target, Neiman Marcus, Michaels and Sally Beauty breaches.

As I've noted before, the Europeans are using a credit card system that is far more secure – I am baffled as to why the Americans lag so far behind. The modest expense to upgrade our system is far outweighed (I would think) by the reputational and monetary damage inflicted by data breaches.

Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq