P.F. Chang’s Security Breach Involved 33 Locations, Goes Back To As Early As October 2013

Consumers’ worried their credit card information was compromised during a security breach at P.F. Chang’s China Bistro earlier this summer now have more details. Investigators have determined that the breach affected customers’ credit card information at 33 restaurants and began as early as October 2013.

While the investigation is ongoing, officials with P.F. Chang’s announced the outcome of portions of the U.S. Secret Service and third-party inquiry into the breach.

Banks first reported that customer data could have been compromised on June 10. A few days later the chain piped up to confirm the breach, but provided few other details.

In a statement on P.F. Chang’s website Monday, CEO Rick Federico says investigators found the company’s card processing system was compromised at some locations beginning in Oct. 2013. The breach affected other restaurants starting in Feb. 2014 and April 2014. See the list at the bottom of this post for the current list of affected locations and dates. The company’s Pei Wei-branded restaurants were not hit by the breach.

Affected restaurants are located in Arizona, California, Colorado, Florida, Illinois, Maryland, Missouri, Nevada, New Jersey, New York, North Carolina, Ohio, Oklahoma, Pennsylvania, Tennessee, Texas, Virginia and Washington.

Potentially stolen data includes credit and debit card numbers and, in some cases, the cardholder’s name and/or the card’s expiration date.

In addition to the list at the bottom of this post, P.F. Chang’s website provides information about free ID-protection services for diners who may have been affected by the breach.

Officials at the company say the security compromise has been fully contained and that credit and debit card data has been securely processed at the restaurants since June 11.

Click image to enlarge

Click image to enlarge