The fast food giant has been targeted by cybercriminals, who accessed private data.
On April 30th, Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, informed about a data breach that affected the company.
The attack happened between March 7th and 11th, 2024, when an unauthorized actor accessed the company’s corporate systems.
According to the breach notification letter, sensitive personal information such as driver's license numbers and non-driver identification card numbers were among the stolen data.
“Upon detecting this incident, we took immediate action to secure our environment, activated our remediation and recovery efforts, and launched a thorough investigation in partnership with third-party cybersecurity specialists to determine the nature and scope of the incident,” the company explained.
Panda Restaurant Group told Cybernews that current and former employees were affected by the attack. “App and guest data were not involved in the incident. The incident only impacted some current and former associate data,” said the company’s spokesperson.
The total number of affected individuals has not yet been disclosed. The investigation is still ongoing, and Panda Express is offering affected individuals identity protection services.
Panda Express dominates as the top Chinese fast food franchise in the US, boasting more than $3 billion in revenue and employing 47,000 staff across 2,300 locations.
Updated on May 3rd, 2024: a comment from Panda Restaurant Group was added. Based on the comment, the article was corrected to explain that only current and former employees' data was affected by the breach, not the clients.
Your email address will not be published. Required fields are markedmarked