Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Panda Express owner says it was hit by cyberattack that attacked corporate systems

Representational image depecting cybersecurity protection.

Panda Restaurant Group suffered a cyberattack recently, in which hackers stole sensitive information belonging to company associates.

In a breach notification letter, picked up by BleepingComputer, the company’s VP of Information Systems, Bryan Lim, explained that an unidentified and unauthorized actor infiltrated its systems on March 7, and remained there until March 11, before being thrown out. The attack was spotted a day before, on March 10.

Panda Restaurant Group is the parent company of Panda Inn, Panda Express and Hibachi-San. 

Where did the data go?

During their time in the company network, the attackers stole sensitive data belonging to its associates. The exact number of affected people is not known. Panda knows that the incident did not impact its in-store systems, operations, or guest experience, and that there was no guest and customer information among the stolen data.

While the breach notification letter does not say exactly what information the hackers obtained, BleepingComputer picked up a filing with the Office of the Maine Attorney General, in which it was said that people’s names or other personal identifiers were stolen, together with driver’s license numbers, or non-driver identification card numbers.

To assess the damage, Panda brought in third-party forensic experts, and notified the police. It is also offering free identity theft protection and credit monitoring services to affected individuals, through CyEx Identity Defense Total. The company is also currently notifying everyone involved. 

"We continue to work with law enforcement who are conducting an active investigation into the unauthorized actor responsible for this incident," the company added. "Panda also implemented additional technical safeguards to further enhance the security of information in our possession and to help prevent similar events from happening in the future."

The motive of the attack is unknown, but stealing data usually leads to two things: either the hackers sell it on the black market to another group, which uses the information for phishing and social engineering, or they try to extort money from the victim company in exchange for keeping the information private.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.