P.F. Chang's The Latest Target?

The restaurant chain is investigating a possible data breach.

Dark Reading Staff, Dark Reading

June 12, 2014

2 Min Read

Another day, another retail breach. The P.F. Chang's restaurant chain is investigating reports of a possible hack that may have exposed customer payment card information.

KrebsOnSecurity reported late yesterday that a new batch of thousands of stolen cards, including credit card numbers that had been used at P.F. Chang's restaurants, landed on a carding site best known for selling stolen payment data from Target.

"P.F. Chang's takes these matters very seriously and is currently investigating the situation, working with the authorities to learn more. We will provide and update as soon as we have additional information," a P.F. Chang's spokesperson said in response to an inquiry about a possible breach.

Security experts have been expecting more retailers to come forward in the wake of high-profile breaches at Target, Michaels, Neiman Marcus, and Sally Beauty.

Will Gragido, director of security intelligence at NSS Labs, says this latest possible retail breach is yet another example of companies learning from third parties that they've been owned.

"This new P.F. Chang's breach continues an ongoing trend of high profile breaches where the company seems to have no internal awareness about its occurrence until this external notification of private information has been exposed, and the focus for identification is all occurring post-breach," Gragido says. "With the increasingly frequent attacks against the retail industry and POS infrastructure, it appears there is a larger systemic issue at play, and it is likely that these breaches will continue."

He says POS systems are not being properly secured. "The fact that retailers are being more heavily targeted than perhaps ever before suggests that there are fundamental flaws in the security programs and controls which govern the point of sale [PoS] infrastructures serving these environments. It's been my experience that most retailers do not place the same level of scrutiny on their PoS infrastructure as they do on their internal infrastructures."

Read more about:

2014

About the Author(s)

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Human profiles made out of crumpled paper, with one smoldering around the brain area as smoke rises
Cybersecurity Operations
9 Tips to Avoid Burnout in Cybersecurity9 Tips to Avoid Burnout in Cybersecurity
byJoan Goodchild, Contributing Writer
May 30, 2024
9 Slides
Dark web concept image with hooded hacker
Cyberattacks & Data Breaches
Leak Site BreachForums Springs Back to Life Weeks After FBI TakedownLeak Site BreachForums Springs Back to Life Weeks After FBI Takedown
byJai Vijayan, Contributing Writer
May 29, 2024
4 Min Read
CISO and team looking at screens with cybersecurity information.
Cyber Risk
Making the Case for 'Reasonable' CybersecurityMaking the Case for 'Reasonable' Cybersecurity
byStephen Lawton, Contributing Writer
May 28, 2024
4 Min Read
Reports
More Reports
White Papers
More Whitepapers
Events
More Events