P.F. Chang's China Bistro, a chain of Asian-themed restaurants, said it's investigating whether it was the target of a data breach following a report that stolen customer data had appeared online.
"P.F. Chang's takes these matters very seriously and is currently investigating the situation, working with the authorities to learn more," Julie Elkinton, chief brand officer for the Scottsdale, Ariz.-based company, said in an e-mailed statement yesterday. "We will provide an update as soon as we have additional information."
Brian Krebs, an independent journalist who investigates hacker attacks, reported yesterday that thousands of newly stolen credit and debit cards went up for sale on an underground Web marketplace. Several banks indicated that the cards in the batch had been used at P.F. Chang's locations between March and May 19, Krebs said.
P.F. Chang's said it's been contacted by both banks and law enforcement about the situation.
Hackers previously wreaked havoc with Target Corp. and Neiman Marcus Group Ltd., exposing the credit-card data of tens of millions of customers. In March, Sally Beauty Holdings Inc., a seller of hair and beauty products, said data from customers' payment cards had been illegally accessed and may have been stolen.
In Target's case, the data breach hampered sales and led to the ouster of its chief executive officer, who held himself personally responsible for the attack. Target named Chief Financial Officer John Mulligan as interim CEO last month, replacing Gregg Steinhafel.
P.F. Chang's, which runs its namesake restaurants in addition to the Pei Wei Asian Diner chain, was acquired in 2012 by private-equity firm Centerbridge Partners LP for $1.05 billion. The company is facing other headaches beyond a potential breach. Moody's Investors Service downgraded its credit rating earlier this month, citing "soft consumer spending and intense competitive pressure." Moody's lowered P.F. Chang's grade to B3, six levels below investment grade.