California Pizza Kitchen discloses a data breach

American pizza chain California Pizza Kitchen (CPK) suffered a data breach that might have exposed personal information of its employees.

American pizza chain California Pizza Kitchen (CPK) suffered a data breach, the company has already notified employees whose personal information might have been exposed.

According to a data breach notification sent to the impacted employees, the security breach was discovered on September 15. The company immediately launched an investigation into the incident with the support of external experts.

“On or about September 15, 2021, CPK discovered suspicious activity in its computing environment. CPK
immediately secured the environment and, with the assistance of third-party computer specialists, launched
an investigation to determine the nature and scope of the incident.” reads the data breach notification. “On or about October 4, 2021, the investigation confirmed that certain files on CPK’s systems could have been accessed without
authorization. CPK therefore undertook a review of the potentially impacted files to identify the information
involved and to whom it related.”

The investigation revealed that the data breach took place on 15 September, 2021, and the total number of current and former CPK employees affected is 103767.

The company claims to have immediately secured its infrastructure, it also declared that it has no evidence that the compromised information might have been misused.

California Pizza Kitchen also says that it took steps to improve the security of its infrastructure to prevent similar incidents in the future.

The company is offering an Experian identity theft protection service for free at the impacted employees.

“We are reviewing existing security policies and have implemented additional measures to further protect against similar incidents moving forward. We also reported the incident to law enforcement and will cooperate with any investigation. We are notifying potentially impacted individuals, including you, so that you may take steps to protect your information.” concludes the company.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.