In today’s round of cyber security data breaches, we have PDQ featured; the popular restaurant chain has been hit by a hacker. PDQ has disclosed news of a data breach that may have affected consumers who have made a purchase with a credit card.

#News: #PDQ the popular #restaurant chain has been hit by a hacker. Click To Tweet

The duration of the data breach expands from May 19, 2017 to April 20, 2018; during this time consumer payment data was exposed. PDQ learned of the data breach on June 8, 2018.

Any PDQ restaurant locations that were operating during the breach time frame has been affected.

In a PDQ issued statement, this was detailed:

“Based on the nature of the breach, it was not possible to determine the identity or exact number of credit card numbers or names that were accessed or acquired during the breach time period. If you used a credit card for your purchase at a PDQ restaurant during the breach period, then your credit card number, expiration date, cardholder verification value and or name may have been accessed or acquired by a hacker.”

Payment Card Information Breached

Customer names, card numbers, cardholder verification values and expiration dates were all likely accessed during the eleven month window. Per Cybersecurity Insiders, the breach occurred when a hacker established control over PDQ’s financial server via a remote connection through an outside vendor.

The exact number of individuals impacted was not determined after a forensic investigation. PDQ is strongly urging any patron that made a purchase with a credit card during the dates given to monitor and review their statements in the past year and for the next six months.

PDQ advises consumers that they,

“Should remain vigilant in reviewing your account statements closely, monitoring free credit reports, and report any unauthorized charges to your card issuer immediately.”

If you have been affected PDQ asks that you visit your Attorney General Office for your state.

The Future of PDQ

PDQ has stated they are taking steps to further their data security practices. Follow this story to see how this story continues to unfold and if any data security regulations will come into play. If you’re an organization collecting and maintaining PCI data take the steps necessary to harden your infrastructures or run the risk of being attacked. Get Fresh Blog Posts Straight to your Inbox!