P.F. Chang’s China Bistro Inc. confirmed Friday morning that unknown hackers stole data from customers’ credit and debit cards.
“While the investigation is still ongoing, we have concluded that data has been compromised," said Rick Federico, the chain’s chief executive, said in a statement.
The company set up a website page, pfchangs.com/security, for customers to get information and updates. The company is encouraging patrons to check credit card and bank statements for signs of fraudulent activity.
“We sincerely regret the inconvenience and concern this may cause,” Federico said.
The intrusion was first reported by security blogger Brian Krebs, who said on his website that banks reported data being pilfered from locations in Florida, Maryland, New Jersey, Pennsylvania, Nevada and North Carolina.
The P.F. Chang's breach occurred between the end of March and May 19, according to Krebs. Card data from thousands of customers were being offered on a website favored by the Target hackers, for $18 to $140 per card, Krebs reported.
"The items for sale are not cards, per se, but instead data copied from the magnetic stripe on the backs of credit cards," Krebs wrote. "The most common way that thieves steal this type of card data is by hacking into cash registers at retail locations and planting malicious software."
P.F. Chang's has about 211 locations in the U.S. and abroad. The Scottsdale, Ariz.-based company was acquired by private equity firm Centerbridge Partners for $1.05 billion in 2012.
The company also operates Pei Wei Asian Diner, a more casual Asian restaurant chain with more than 190 U.S. locations.
Follow for @bri_sacks business news.