SCOTTSDALE, Ariz. - P.F. Chang's is providing more details on its ongoing investigation into a security breach, saying data may have been stolen from certain credit and debit cards used at 33 P.F. Chang's China Bistro restaurants in the U.S.
P.F. Chang's confirmed in June that data from credit and debit cards used at its restaurants was stolen, but didn't specify the locations at that time. On Monday the company provided a list of locations. These include P.F. Chang's restaurants in Baltimore; St. Louis; Pittsburgh; Austin, Texas; and Charlotte, North Carolina.
This is the complete list of restaurants affected by the breach, as well as the dates cards may have been compromised:
- Scottsdale, Ariz. 10/19/2013 - 6/11/2014
- Chula Vista, Calif. 10/19/2013 - 6/11/2014
- Torrance, Calif. 10/19/2013 - 6/11/2014
- Winter Park, Fla. 10/19/2013 - 6/11/2014
- White Plains, N.Y. 10/19/2013 - 6/11/2014
- Collegeville, Pa. 10/19/2013 - 6/11/2014
- Chattanooga, Tenn. 10/19/2013 - 6/11/2014
- Woodbridge, Va. 10/19/2013 - 6/11/2014
- Peoria, Ariz. 2/21/2014 - 6/11/2014
- Carlsbad, Calif. 2/21/2014 - 6/11/2014
- Palm Beach Gardens, Fla. 2/21/2014 - 6/11/2014
- Chesterfield, Mo. 2/21/2014 - 6/11/2014
- Durham, N.C. 2/21/2014 - 6/11/2014
- Princeton, N.J. 2/21/2014 - 6/11/2014
- Dayton, Ohio 2/21/2014 - 6/11/2014
- Tulsa, Okla. 2/21/2014 - 6/11/2014
- Temecula, Calif. 4/10/2014 - 6/11/2014
- Palo Alto, Calif. 4/10/2014 - 6/11/2014
- Sherman Oaks, Calif. 4/10/2014 - 6/11/2014
- Rancho Cucumonga, Calif. 4/10/2014 - 6/11/2014
- Lakewood, Colo. 4/10/2014 - 6/11/2014
- Clearwater, Fla. 4/10/2014 - 6/11/2014
- Schaumburg, Ill. 4/10/2014 - 6/11/2014
- Baltimore, Md. 4/10/2014 - 6/11/2014
- St. Louis, Mo. 4/10/2014 - 6/11/2014
- South Las Vegas, Nev. 4/10/2014 - 6/11/2014
- Pittsburgh, Pa. 4/10/2014 - 6/11/2014
- Glen Mills, Pa. 4/10/2014 - 6/11/2014
- Austin, Texas 4/10/2014 - 6/11/2014
- Bellevue, Wash. 4/10/2014 - 6/11/2014
- Lynnwood, Wash. 4/10/2014 - 6/11/2014
- Newport Beach, Calif. 10/19/2013 - 4/10/2014
- Charlotte, N.C. 10/19/2013 - 10/26/2013
The company said that potentially stolen data includes the card number and may also include the cardholder's name and/or the card's expiration date in some instances.
P.F. Chang's said that it's continuously working to understand the nature and scope of the incident. It says the security compromise has been contained and that it has been processing credit and debit card data securely since June 11.
The restaurant operator noted that as the investigation continues it may identify other locations where data may have been compromised or other date ranges.
P.F. Chang's China Bistro Inc., based in Scottsdale, Arizona, owns its namesake restaurants and Pei Wei Asian Diners. The company was taken private in 2012 by Centerbridge partners LP for about $1.1 billion.
Data breaches have occurred at other major U.S. corporations recently, including Target Corp., Neiman Marcus, Sally Beauty Holdings Inc. and Michaels Stores Inc.