Restaurant Data Breach (What you can learn from P.F. Chang’s)

Mark StraussBusiness | Commercial Insurance, Cyber Liability | Data Breach

When it comes to restaurant insurance you can no longer be narrowed in scope to what your risks are, the P.F. Chang’s restaurant data breach and the unfolding litigation is unfortunately a sign of what will continue to problematic for not just the restaurant industry but all industries. If the company followed the first restaurant best practice I wrote about in the 4 restaurant best practices your restaurant can learn from the Target data breach, which is “Be PCI Compliant” , they might not be in this mess or at least it would not be as messy. The class action suit makes the following allegations:

  • The restaurant data breach enabled hackers to steal financial data and make unauthorized purchases on customers’ credit cards.
  • The restaurant data breach was caused and enabled by the company’s knowing violation of abiding from best practices and industry standards in protecting customers’ personal information.
  • The failure to comply with security standards was in effort to save money by cutting corners on security measures that could have prevented or mitigated the restaurant data breach.
  • The company failed to disclose the extent of the restaurant data breach and notify its affected customers in a timely manner.
  • The company failed to take reasonable steps to inform its customers of the nature and extent of the restaurant security breach which prevents those individuals from protecting themselves from the data breach.

Based on the above it makes you wonder if anything can really be done to combat the effects of malicious software to protect your business. As also stated in my article being PCI compliant does not specifically mean your restaurant will be protected from security breaches but it does create a framework that you are running your business in a secure manner. You also need to “Be Prepared” and expect that you will incur a breach. Experian produced the Data Breach Response Guide which you should review and put in place for your restaurant and you should also consider cyber liability insurance to protect your business from the costs associated with a restaurant data breach.