Data Breaches

PF Chang's says breach was 'highly sophisticated criminal operation'

But the eating house concatenation still hasn't said how many cards were affected or how the data was stolen

Restaurant chain P.F. Chang's China Bistro says the theft of credit and debit menu data from some of its restaurants earlier this year was "part of a highly sophisticated criminal operation."

But the chain, which only discovered the breach after a large batch of card numbers were offered on an Internet forum, said information technology'southward notwithstanding working with the U.S. Secret Service and forensic experts to determine exactly what happened.

"We continue to make progress in our investigation into the recent security compromise that afflicted P.F. Chang's," said Rick Federico, CEO of PF Chang's, in a statement posted Tuesday on the company's website. "We will continue sharing of import details once they have been confirmed by a team of tertiary-party forensic experts."

The statement was the get-go update issued past the company in iii weeks and didn't add much additional data to what was already known: that an attack manifestly hitting the point-of-auction systems in the company'due south restaurants and sucked upwardly carte du jour numbers used between March and May of this year.

Later the alienation was discovered June x, the restaurant switched to transmission carte imprinters in its restaurants, which were later candy via an encryption-enabled terminal that works on a dial-up fax line. Additional terminals take recently been delivered to restaurants to subtract the reliance on the paw-operated imprinters, the company said.

The breach was the latest in a string of attacks against point-of-sale systems at major U.S. retailers. In late 2013 around 70 1000000 customer records were compromised in an assault on Target stories and criminals also targeted Nieman Marcus.

In those attacks, payment card details were grabbed by malicious software afterward cards were swiped. P.F. Chang'due south has yet to disembalm specific details about how attackers gained access to card information in its arrangement.

A recent survey determined such breaches are speeding adoption of chip-based payment cards in the U.Southward.

Martyn Williams covers mobile telecoms, Silicon Valley and general engineering breaking news for The IDG News Service. Follow Martyn on Twitter at @martyn_williams. Martyn's email accost is martyn_williams@idg.com

Martyn Williams produces engineering science news and product reviews in text and video for PC World, Macworld, and TechHive from his home exterior Washington D.C..

Copyright © 2014 IDG Communications, Inc.