Chuck Leaver – The Breach At PF Chang Impacts 30 Restaurants Over 8 Months

Written By Chuck Leaver Ziften CEO

The PF Chang dining establishment chain recently published new details about the security breach of its credit card systems throughout the country. The restaurant chain revealed that the breach affected more than 30 restaurants in 17 states and went on for 8 months prior to being detected.

While the investigation is still ongoing, in a declaration PF Chang’s reported that the breach has been contained and customer financial data has been processed securely by the dining establishment since June 11. The compromised systems utilized by the chain were decommissioned until it was clear that their security could be guaranteed, and in the meantime charge cards were processed by hand.

Rick Federico, CEO said in a statement “The potentially taken credit and debit card data consists of the card number and in some cases likewise the cardholder’s name and/or the card’s expiration date.” “However, we have not figured out that any specific cardholder’s credit or debit card data was taken by the attacker.”

PF Chang’s was notified of the breach, which they referred to as a “highly sophisticated criminal operation,” in June when they were called by the Secret Service about cyber security concerns. When informed, the restaurant worked with third-party forensic investigators to find how the breach was able to take place, at which time they discovered that malicious actors had the ability to exploit the chain’s credit card processing systems and potentially gain access to consumer credit card info.

Organizations concerned about comparable data breaches impacting point-of-sale terminals need to carry out endpoint threat detection to keep crucial systems protected. Endpoint defense involves tracking delicate access points – like POS systems, bar code readers and employee mobile devices – and alleviating risks that appear. Constant endpoint visibility is required to determine risks before they jeopardize networks and ensure business security.