P.F. Chang’s the Latest Victim in String of Consumer Data Breaches Across the United States
Credit card payment processing allows cardholders to make purchases just about anywhere in world, but sometimes it can have consequences on unsecured systems — for both consumers and businesses. P.F. Chang’s, a restaurant chain with over 200 bistros across the United States, recently confirmed that it had credit and debit card data stolen from its restaurants in early June.
The data was stolen through the company’s point-of-sale systems, which process credit card payments in addition to acting as cash registers. In order to prevent further data breaches, P.F. Chang’s switched to manual imprinting, an older method of credit card acceptance that makes a physical copy of a card on carbon paper.
The restaurant chain said that the breach was discovered by the U.S. Secret Service, which is investigating the cause along with third-party computer forensic experts. P.F. Chang’s is working with credit card companies to identify those at risk and warned customers to monitor their statements for any signs of fraud.
Cybercriminals sell data, like that stolen from P.F. Chang’s and other retailers, online in password-protected “carding” forums. Card numbers can be sold for anything from $18 to $139 USD, according to Hold Security, a company that tracks the sale of stolen data.
For payment processing companies, data breaches like the one at P.F. Chang’s can have a negative impact on their businesses, too.
“Protecting cardholder data should always be a number one priority when discussing payment processing. Educating merchants on the proper processes to take in order to securely accept credit cards and debit cards can greatly reduce the risk of fraud, and is a great way to help prevent costly chargebacks as well,” says Jordan Rinaldo, Marketing Manager at BNA Smart Payment Systems Ltd. “Also, using a reputable payment processing company that has secure, and reliable hardware and software is another great way to prevent data breaches such as this, as well as keeping your cardholders safe when making payments at your place of business. Businesses should ensure that all data that is stored securely is done through a third party data storage firm, or protected through multiple firewalls and encrypted storage systems.”
P.F. Chang’s isn’t alone in being targeted by cybercriminals: Target, Neiman Marcus, Sally Beauty and Michaels have all been the subjects of these crimes over the last eight months. U.S. lawmakers will continue to monitor these businesses in order to ensure the protection of consumer data.