P.F. Chang's acknowledged that a "security compromise" of customers' credit and debit card data occurred at some of its restaurants.
"We have concluded that data has been compromised," said CEO Rick Federico, in a prepared statement.
The admission comes just days after cybersecurity journalist Brian Krebs claimed that thousands of credit card and debit card numbers that appeared to have been stolen from P.F. Chang's restaurants earlier this year had gone up for sale.
Federico said that P.F. Chang's learned of the "security compromise" on June 10.
He said an investigation with the U.S. Secret Service and "a team of third-party forensics experts" is ongoing.
Meanwhile, Federico said the company has moved to a manual credit card imprinting system for all of its U.S. restaurants.
Scottsdale, Ariz.-based P.F. Chang's has more than 200 locations in the U.S., as well as a number of international locations.