Panda Express parent company has today revealed that a cyberattack on its corporate systems in March had the sensitive data of certain individuals leaked, found after a month-long investigation.
While the company didn’t reveal which individuals were exactly affected, it said the details like names, driver’s license numbers and others were compromised. It’s investigating further to know more details about the incident.
Panda Restaurant Group Data Breach
Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach incident affecting the PII of some individuals. While it didn’t mention who these individuals were – employees or customers, or both, the company said it’s investigating further to know more details about the incident.
Panda Restaurant Group discovered the hack on March 10, 2024, which affected some of its corporate systems, while leaving the in-store systems, operations, and guest experience untampered. Though it immediately secured the environment and activated recovery efforts, the damage has already been done.
Initial investigation done in collaboration with third-party cybersecurity experts and law enforcement agencies revealed that personal information of some individuals was affected. This includes names or other personal identifiers and their driver’s license numbers or non-driver identification card numbers.
Panda Group, in its filing with the Office of the Maine Attorney General, claims to have “implemented additional technical safeguards to further enhance the security of information in our possession and to help prevent similar events from happening in the future,” after the incident.