Credential theft

P.F. Chang's POS Malware Breach (2M Cards, FIN6)

📅 2013-09-01 🦠 POS malware (FIN6)

Incident Details

P.F. Chang’s China Bistro, a US casual dining restaurant chain, confirmed in June 2014 that its payment systems had been compromised by POS malware for approximately 9 months (September 2013 to June 2014). The breach was discovered when batches of stolen P.F. Chang’s customer credit and debit card data began appearing for sale on underground carding forums in early June 2014, on the same Rescator carding marketplace that sold Target and Home Depot breach data. Approximately 2 million payment cards from 33 P.F. Chang’s locations across the United States were compromised. The attack was attributed to the FIN6 cybercrime group. Upon discovering the breach, P.F. Chang’s switched to manual card imprinting at its restaurants, an inconvenient but effective stopgap measure. Exposed data included payment card numbers, expiration dates, and cardholder names from magnetic stripe reads. P.F. Chang’s engaged the US Secret Service and multiple cybersecurity firms. The breach was part of a broader wave of restaurant and retail POS malware attacks in 2013–2014 (Target, Home Depot, Neiman Marcus, Michaels, Chili’s parent Brinker International, etc.).

Technical Details

Initial Attack Vector: FIN6 cybercrime group deployed POS malware on P.F. Chang's restaurant payment systems; malware captured Track 1 and Track 2 magnetic stripe data from in-store transactions over approximately 9 months
Malware Family: POS malware (FIN6)

Timeline

  1. 2013-09-01 Breach occurred
  2. 2014-06-13 Publicly disclosed
  3. 2014-06-13 Customers notified