SoCal PF Chang's Restaurants Linked To Nationwide Security Breach

SHERMAN OAKS (CBSLA.com) — Customers of P.F. Chang's restaurants in the San Fernando Valley and across Southern California were notified Monday of a security breach involving involving credit and debit card data, company officials said.

According to a statement dated Aug. 4, the U.S. Secret Service notified the company on June 10 of a possible security compromise involving credit and debit card data reportedly stolen from certain P.F. Chang's China Bistro branded restaurants at 33 locations across the U.S., including stores in Sherman Oaks, Torrance, Rancho Cucamonga, and Newport Beach.

Following an investigation, company officials say they believe data from certain credit and debit cards that were used during "specified time frames" at the affected stores, including the card number and in some cases also the cardholder's name and/or the card's expiration date.

It has not yet been determined if any specific cardholder's credit or debit card data was stolen by the intruder, according to company officials.

No Pei Wei branded restaurants - including local stores in Beverly Hills and Culver City - were affected by the security breach, officials said.

In a statement, CEO Rick Federico said, "We are committed to providing support and resources, including complimentary identity protection services, for all guests that may potentially be affected by the security compromise."

Brian Krebs, publisher and founder of cyber security site Krebs On Security, told KNX 1070 NEWSRADIO that P.F. Chang's is just the latest in a long line of restaurants and other food industry businesses who have been hit hard by data breaches.

"I get questions all the time from people saying, 'Brian, you write about cyber crime all the time, are you concerned about shopping online?' and I tell 'em always the same thing," Krebs said. "I'm more concerned about shopping in Main Street stores than I am about online right now."

Most restaurants and other service industry companies are unfamiliar with how to set up and maintain information technology systems and thus tend to outsource management to third parties, which usually involves remote administration and access and higher vulnerability, according to Krebs.

Customers who may have patronized any of the affected restaurants are encouraged review their bank accounts for any fraudulent activity on your credit card or debit card and report fraudulent activity to their card company or issuing bank.

More information is available at the P.F. Chang's website. For further questions, customers can call 1-877-412-7152.