P.F. Chang's Data Breach Underscores POS System Vulnerabilities

By Sean Michael Kerner  |  Posted 2014-06-13 Print this article Print
P.F. Chang's security breach

However, Tripwire's Melancon said going to manual imprint for credit card information is an entirely bad idea. "In terms of establishing trust after a breach, going to the use of carbon forms to gather payment information isn't as crazy as it sounds," he said. "After all, if you're not sure which of your data systems you can trust, why would you put even more data into those systems?"

That said, Melancon added that going to physical collection of the card information might reduce the number of people who interact with the data because that information is no longer accessible on an open network, but it isn't practical in the long term.

"The risk in paper-based collection is that many retailers no longer have effective processes or employee training designed to secure, monitor and control physical card slips," Melancon said. "This means that, while a paper-based approach may reduce one specific type of risk, it doesn't totally eliminate risk altogether; it changes the data protection problem to a different form."

What Customers Should Do

As is the case with any retail data breach, customers should always be looking at their credit card and bank transaction statements for fraudulent charges.

"As the investigation progresses, it's likely that issuing banks will take proactive measures to cancel cards they suspect are compromised," Casesa said. "Banks are monitoring stolen card data sites looking for their own cards, and it's through this mechanism that the breaches are discovered."

P.F. Chang's customers should request a new credit card from their credit card issuer, Haber said.

For those choosing to visit a P.F. Chang's restaurant, Haber advises: "If you can, pay cash until their electronic system is functioning again."

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.



Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel