Fraud Info

P.F. Chang's Security Compromise Update

Statement from Rick Federico

CEO of P.F. Chang's

June 12, 2014

Scottsdale, Ariz. (June 12, 2014) — On Tuesday, June 10, P.F. Chang's learned of a security compromise that involves credit and debit card data reportedly stolen from some of our restaurants. Immediately, we initiated an investigation with the United States Secret Service and a team of third-party forensics experts to understand the nature and scope of the incident, and while the investigation is still ongoing, we have concluded that data has been compromised.

At P.F. Chang's, the safety and security of our guests' payment information is a top priority. Therefore, we have moved to a manual credit card imprinting system for all P.F. Chang's China Bistro branded restaurants located in the continental United States. This ensures our guests can still use their credit and debit cards safely in our restaurants as our investigation continues.

We have also established a dedicated public website, pfchangs.com/security, for guests to receive updates and answers to their questions.

Because we are still in the preliminary stages of our investigation, we encourage our guests to be vigilant about checking their credit card and bank statements. Any suspected fraudulent activity should be immediately reported to their card company.

We sincerely regret the inconvenience and concern this may cause for our guests.

HAPO’s Role in Your Card’s Security:

HAPO takes the security of your accounts seriously. To help protect against fraudulent charges, we do employ fraud detection services that monitor your credit and debit card transactions for suspicious activities. If any suspicious transactions are identified, you will be contacted to verify their validity. Rest assured that you are protected by VISA’s Zero Liability policy.

HAPO has reached out to P.F. Changs and we have been assured by their management that our members will not have any issues with their un-embossed (flat) VISA cards. P.F. Changs also indicated that they will need to have a photo copy of the card for their proof, should you choose to dine there.

Should you have any questions or concerns, please reach out to us, or contact P.F. Changs directly on their website: https://www.pfchangs.com/security/

Recommended steps to protect your card’s security:

- Check your statements regularly and call us immediately to report any transactions that you don't recognize.

- Avoid obvious PINs, like your date of birth or the last four digits of your SSN or phone number.

- Do not write your PIN down in an obvious place, such as the back of the card or on a piece of paper in your wallet.

- Compare your receipts with your statements to make sure the amounts match and that there are no unauthorized charges.

- Destroy all receipts before discarding them. Although most card numbers will be masked you may still have some that have the complete card number printed on them.

- Protect your card data. Don’t give out your card number to anyone unless you initiated the purchase.

- Check your credit report at least annually.

Heartbleed

OpenSSL Vulnerability

If you have seen the news lately you may have read about the Heartbleed internet security flaw that can impact secure sites. As a HAPO member, you will be pleased to know that our website and our online banking sites were not affected by this.

At HAPO the security of your information is always our highest priority.

Target Confirms Unauthorized Access to Card Data

Target has confirmed that debit and credit cards used at their stores between November 27th and December 15th may have been compromised. You can read their official news release here: https://corporate.target.com/discover/article/Important-Notice-Unauthorized-access-to-payment-ca

We have received information from VISA advising us of the card numbers that are potentially at risk due to the Target breach. We have worked with both our credit and debit card processors to coordinate a reissue of those cards. Replacement debit cards mailed out on January 6 and replacement credit cards are scheduled to mail out in the week of January 13. If you receive a new card, you should activate it immediately. When your new card has been activated, we will deactivate your old card.

HAPO’s role in your card’s security:

- If your card is among those at risk, rest assured that you are protected by VISA’s Zero Liability policy.

- HAPO takes the security of your accounts seriously. To help protect against fraudulent charges, we do employ fraud detection services that monitor your credit and debit card transactions for suspicious activities. If any suspicious transactions are identified, you will be contacted to verify their validity.

Recommended steps to protect your card’s security:

- Check your statements regularly and call us immediately to report any transactions that you don't recognize.

- Avoid obvious PINs, like your date of birth or the last four digits of your SSN or phone number.

- Do not write your PIN down in an obvious place, such as the back of the card or on a piece of paper in your wallet.

- Compare your receipts with your statements to make sure the amounts match and that there are no unauthorized charges.

- Destroy all receipts before discarding them. Although most card numbers will be masked you may still have some that have the complete card number printed on them.

- Protect your card data. Don’t give out your card number to anyone unless you initiated the purchase.

- Check your credit report at least annually.

Target issued a warning to customers in December of phishing attempts that may be related to the breach. You can read their warning here: http://bit.ly/1cFxY5o

We recommend that you also review information on our website at https://www.hapo.org/phishing.html to see how you can help protect yourself from being a victim of phishing. If you are ever in doubt about an e-mail communication you receive we always recommend that you call the company to verify its legitimacy.

Yokes Issues a Warning to Customers: Debit/Credit Card Data Compromised

All Yokes stores in the Southeastern part of Washington are urging customers to pay with cash or checks.

According to URM, the payment processing system which Yokes uses, hundreds of debit and credit cards have been compromised in the last few weeks. URM has shut down their current system to replace it with a more secure one.

URM issued a statement saying if you suspect your credit or debit card may have been compromised you should immediately contact the bank that issued the card.

Please be watchful of your HAPO account(s) and report any suspicious activity. The estimated exposure window is from September 1, 2013 to November 11, 2013.

URM created a dedicated call center for customers who have questions about what happened and want to know what steps they can take to protect themselves. That number is 877-237-7408.

They will also post information on their website www.urmstores.com.

Reference: http://www.kvewtv.com