Security Compromise Update
Answers to commonly asked questions for guests.
We continue to make progress in our investigation into the recent security compromise that affected P.F. Chang's.
The following frequently asked questions have been updated to address many of the questions or concerns you may have.
We will continue sharing important details once they have been confirmed by a team of third-party forensic experts. This website remains the best source of information on the investigation into the compromise and our ongoing response.
We look forward to welcoming you at our restaurants and appreciate your patience as the investigation continues.
On Tuesday, June 10, P.F. Chang's learned of a security compromise that involves credit and debit card data reportedly stolen from some of our restaurants. Immediately, we initiated an investigation with the United States Secret Service and a team of third-party forensics experts to understand the nature and scope of the incident, and have concluded that data has been compromised.
The United States Secret Services alerted P.F. Chang's to this incident on June 10, 2014.
We are coordinating with the United States Secret Service on an investigation to determine when the incident started and what information is involved. To assist with these efforts, P.F. Chang's retained specialized data privacy counsel and forensics experts who are actively assisting in the investigation.
The security compromise was part of a highly sophisticated criminal operation that is being investigated by both the United States Secret Service and a team of third-party forensic experts. An investigation of this nature takes time, and while we would like to be in a position to provide further information, we can only share details that have been confirmed by the investigators.
According to the United States Secret Service, credit card and debit card numbers that have been used at P.F. Chang's are involved.
If you suspect fraudulent activity on your credit card or debit card, we urge you to report this suspected fraudulent activity to your card company or issuing bank.
P.F. Chang's continues to work with a team of third-party forensic experts to investigate this incident. P.F. Chang's is also cooperating with the United States Secret Service as they investigate. Once our investigation has determined the scope of the compromise, we will provide that information on this website.
Yes. It is safe for our guests to use their credit and debit cards in our restaurants. We are using encryption-enabled terminals to securely process credit and debit card information.
When we became aware of the security compromise, our first priority was to ensure the safety and security of our guests' payment information in our restaurants. The fastest alternative was to transition to manual imprinting devices (a.k.a. "knuckle busters") to safely process credit and debit card payments at all P.F. Chang's China Bistro branded restaurants in the continental U.S. P.F. Chang's is handling the storage and destruction of these slips according to the data protection processes required by the credit and debit card companies.
We have recently deployed additional encryption-enabled terminals to improve speed and automation in an effort to phase out the use of the “knuckle busters.”
All P.F. Chang's China Bistro branded restaurants in the continental U.S. were provided with an encryption-enabled terminal to securely process credit and debit card information. Over the last week, we have deployed additional terminals to our restaurants, which has helped the speed and automation of our transactions. It has also allowed our restaurants to begin phasing out the manual credit card imprinting. In the near future, we will complete the deployment of new hardware and begin the transition back to our standard card processing system.
We are continuing to work closely with the third party forensic team and will provide information to the credit card companies to assist with efforts to identify the affected cards. The card companies can then provide this information to the issuing banks, who have the best means of directly contacting their affected credit and debit card holders. We encourage all of our guests to continue monitoring their accounts and to report any suspected fraudulent activity to their card company or issuing bank.
Once the investigation has determined the scope of the compromise, we will provide that information on our dedicated website pfchangs.com/security. Please check this website for updates.