SCOTTSDALE, Ariz. (CBS/AP) — PF Chang’s is providing more details on its ongoing investigation into a security breach, saying data may have been stolen from certain credit and debit cards used at 33 PF Chang’s China Bistro restaurants in the US.
PF Chang’s confirmed in June that data from credit and debit cards used at its restaurants was stolen, but didn’t specify the locations at that time. Today, the company provided a list of locations. These include PF Chang’s restaurants in Baltimore; St. Louis; Pittsburgh; Austin, Texas; and Charlotte, North Carolina.
In this area the affected restaurants are in Collegeville, Pa., Glen Mills, Pa., and Princeton, NJ. Bucks County consumer protection director Mike Bannon is urging customers to check their statements.
“I suspect a lot of folks just breeze through the bills and pay them, but we’re seeing a lot more of unauthorized charges turning up on credit cards,” he told KYW Newsradio.
A list of all 33 locations, as well as the dates that cards may have been compromised, can be found at pfchangs.com/security. The company said that potentially stolen data includes the card number and may also include the cardholder’s name and/or the card’s expiration date in some instances.
The PF Chang’s in Collegeville, at 10 Providence Town Center, says its credit card data was compromised for eight months, between 10/19/2013 and 6/11/2014.
For the outlet in Glen Mills, at 983 Baltimore Pike, the relevant dates were 4/10/2014 to 6/11/2014.
And in Princeton, at 3545 US Highway 1, the restaurant reports the problem from 2/21/2014 to 6/11/2014.
PF Chang’s said that it is continuously working to understand the nature and scope of the incident. It says the security compromise has been contained and that it has been processing credit and debit card data securely since June 11th.
The restaurant operator noted that as the investigation continues it may identify other locations where data may have been compromised or other date ranges.
PF Chang’s China Bistro Inc., based in Scottsdale, Ariz., owns its namesake restaurants and Pei Wei Asian Diners. The company was taken private in 2012 by Centerbridge partners LP for about $1.1 billion.
Data breaches have occurred at other major US corporations recently, including Target Corp., Neiman Marcus, Sally Beauty Holdings Inc. and Michaels Stores Inc.
KYW Newsradio’s Brad Segall and Ian Bush contributed to this report.
You may also be interested in these stories: