The Maine Office of the Attorney General reported that Panda Restaurant Group, Inc. experienced a data breach involving unauthorized access to its external systems, discovered on March 10, 2024, affecting 64 residents. The breach occurred between March 7-11, 2024, and may have compromised driver's license information.

Panda Express Data Breach Settlement Offers Up to $5,000 in Compensation Panda Express Restaurant Group has agreed to a $2.45 million settlement following allegations that it failed to prevent a March 2023 data breach. The incident exposed sensitive information, including full names, dates of birth, and Social Security numbers, of current and former employees and other individuals. The settlement covers U.S. residents who received a breach notification. Those with documented financial losses such as credit monitoring costs or late fees can claim up to $5,000, while others may receive approximately $100. California claimants are eligible for an additional $125. All class members qualify for two years of three-bureau credit monitoring, including real-time alerts, dark web scanning, and public records monitoring. Panda Express, which operates brands like Panda Inn, Hibachi San, and select Whataburger locations, denies wrongdoing but settled to avoid further litigation. The deadline to submit claims is April 10, 2026, with payments distributed after a final approval hearing on April 20, 2026. Those opting out of the settlement must do so by March 23, 2026. The remaining funds will cover legal fees and administrative costs.