P.F. Chang’s Breached

In a distinction best labeled dubious, national Chinese food chain P.F. Chang’s now joins Neiman-Marcus, Target, Michaels and Sally Beauty Supply as the fifth major retail chain to suffer a massive data breach.

First reported by security blogger Brian Krebs on his blog, a sudden and very large series of batches of card numbers stared showing up in large batches on Rescator – an online black market most recently notable for being the base from which card numbers lifted in the Target breach were sold.

Krebs reports that several banks he contacted confirmed that from this new batch, the common denominator for many of them was that they had been used at P.F. Chang’s locations between the beginning of March 2014 and May 19, 2014.

While the chain said they could not confirm the breach at press time, they did offer the following statement to Krebs.

“P.F. Chang’s takes these matters very seriously and is currently investigating the situation, working with the authorities to learn more. We will provide an update as soon as we have additional information.”

The U.S. Secret Service declined comment.

The new batch of cards, dubbed “Ronald Regan” on Rescator represents cloned mag stripe data—likely obtained by implanting malware within the store’s POS systems. This is the basic method by which Target, Michaels and Sally’s Beauty are believed to have been hacked.

What sets the Ronald Regan batch apart from earlier breaches is that this batch does not list the total number of cards that are for sale currently. Instead, it appears to list just the first 100 pages of results, at approximately 50 cards per page. The cards range in value by type for sale—form about $18 to around $140 per card.

“What’s Hot” is aggregated content. PYMNTS.com claims no responsibility for the accuracy of the content published by the original source.