The parent of fast-casual Asian chain Panda Express was hit with a cyberattack last month that exposed employee data stored in its corporate systems.
Rosemead, California-based Panda Restaurants, which also owns the Panda Inn and Hibachi-San chains, said in a document filed with the California Attorney General that its corporate systems were hacked between March 7 and March 11. It became aware of the breach on March 10 and acted immediately to secure the system and address the problem.
The document did not say how many people were affected. But it noted that the breach did not impact restaurants’ in-store systems, operations or guest experience.
"Guest data was not involved in the incident," a Panda spokesperson said in an email to Restaurant Business. "The incident only impacted some current and former associate data."
Panda said it’s working with cybersecurity experts and law enforcement to investigate the hack. It also offered free access to a credit monitoring and identity theft protection program to employees whose data was affected.
Panda Express is one of the largest restaurant chains in the U.S., with more than 2,400 units and $5.8 billion in annual sales last year, according to Technomic. And it is just the latest to be hit with a cyberattack. Yum Brands and Five Guys reported hacks last year, and Panera Bread was recently the victim of a reported ransomware attack that shut down its tech systems for days.
As restaurants have become more high-tech, they have become a bigger target for hackers.
The news was first reported by cybersecurity publication BleepingComputer.
Members help make our journalism possible. Become a Restaurant Business member today and unlock exclusive benefits, including unlimited access to all of our content. Sign up here.