Wawa warns of ‘data security incident’ involving credit and debit card information

Wawa, Credit cards, Debit cards, Data security, Forensics firm, Data breach
Wawa warns of 'data security incident' involving credit and debit card information

Wawa customers who paid with credit or debit cards in the last nine months may have had their card information compromised, the convenience store chain announced Thursday.

How AI is used for Hiring Senior Leadership Roles

In a letter, Wawa CEO Chris Gheysens said the chain’s information security team “discovered malware on Wawa payment processing servers” on Dec. 10, “contained” the malware by Dec. 12 and “immediately engaged a leading external forensics firm and notified law enforcement.”

“This malware affected customer payment card information used at potentially all Wawa locations beginning at different points in time after March 4, 2019, and until it was contained,”  Gheysens wrote. “At this time, we believe this malware no longer poses a risk to Wawa customers using payment cards at Wawa.”

The chain operates more than 850 stores in Delaware, Pennsylvania, Maryland, Virginia, New Jersey, Florida and Washington, D.C.

Wawa says the malware did not capture PIN numbers or CVV2 numbers and that ATM machines in stores were not impacted.

The letter said at this time Wawa officials were “not aware of any unauthorized use of any payment card information as a result of this incident.”

Just How Expensive are Data Breaches

“At Wawa, the people who come through our doors are not just customers, they are our friends and neighbors, and nothing is more important than honoring and protecting their trust,” Gheysens said in the letter. “I want to reassure anyone impacted they will not be responsible for fraudulent charges related to this incident.”

Previous articleHenry County spends $650K to restore its computer network affected in a data breach
Next articleDWF advises Allvotec Limited on the acquisition of ISG Technology