+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Wawa announces data breach that may have impacted customers at all of its locations for 9 months

Dec 20, 2019, 04:39 IST

Wawa announced on Thursday that it had discovered a data breach that could have impacted customers over the last nine months.

Advertisement

"Our information security team discovered malware on Wawa payment processing servers on December 10, 2019, and contained it by December 12, 2019," Wawa CEO Chris Gheysens wrote in a public letter. "This malware affected customer payment card information used at potentially all Wawa locations beginning at different points in time after March 4, 2019 and until it was contained."

According to Gheysens, in-store payment processing systems were impacted by the data breach starting in March. By late April, the malware was running on payment processing systems in most Wawa locations.

The data breach affected credit and debit card numbers, expiration dates, and cardholder names for potentially all purchases made in Wawa locations and at fuel dispensers. No other personal information was accessed, including PIN numbers, credit card CVV2 numbers, and driver's license information. ATM cash machines located in Wawa locations were also not impacted.

Gheysens said that the company believed the malware no longer posed a risk to Wawa customers and that the company has "initiated an investigation, notified law enforcement and payment card companies, and engaged a leading external forensics firm to support our response efforts."

Advertisement

Wawa is encouraging customers to review their credit and debit card account statements. The company is also providing customers who may have been impacted a free year of identity theft protection and credit monitoring via Experian. More information on how customers can protect their information is available on the Wawa website.

"I apologize deeply to all of you, our friends and neighbors, for this incident," Gheysens wrote in the letter on Thursday. "You are my top priority and are critically important to all of the nearly 37,000 associates at Wawa. We take this special relationship with you and the protection of your information very seriously."

SEE ALSO: Apply here to attend IGNITION: Retail, an event focused on the future of retail, in New York City on January 14.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article