Tuesday, March 21, 2023
Tuesday, March 21, 2023
More

    Wawa investigating ‘massive’ data breach, CEO says
    W

    Your Content is a nonprofit newsroom that investigates abuses of power. Sign up to receive our biggest stories as soon as they’re published.

    Get Your Content. Daily.

    Be the first to know about the biggest stories as they break. Sign up for breaking news email alerts from Your Content.

    The CEO of Wawa says they are investigating a data breach that has potentially affected all of their locations.

    “I am very sorry to share with you that Wawa has experienced a data security incident. Our information security team discovered malware on Wawa payment processing servers on December 10, 2019, and contained it by December 12, 2019,” said Wawa CEO Chris Gheysens in a letter to customers on Thursday.

    - Advertisement -

    This malware affected customer payment card information used at potentially all Wawa locations beginning at different points in time after March 4, 2019 and until it was contained last week.

    This malware affected payment card information, including credit and debit card numbers, expiration dates, and cardholder names on payment cards used at potentially all Wawa in-store payment terminals and fuel dispensers.

    On December 10, the company discovered the malware. On December 12, the company says the breach was contained.

    “At this time, we believe this malware no longer poses a risk to Wawa customers using payment cards at Wawa, and this malware never posed a risk to our ATM cash machines,” said Gheysens.
    It’s unclear how many customers are affected. Customers are being urged to check for unauthorized charges.

    - Advertisement -

    Wawa is providing potentially impacted customers with one year of identity theft protection and credit monitoring at no charge.

    Stay with Action News as we continue to follow this developing story.

    READ THE CEO’S FULL LETTER BELOW:

    Dear Wawa Customers,

    At Wawa, the people who come through our doors every day are not just customers, you are our friends and neighbors, and nothing is more important than honoring and protecting your trust. Today, I am very sorry to share with you that Wawa has experienced a data security incident. Our information security team discovered malware on Wawa payment processing servers on December 10, 2019, and contained it by December 12, 2019. This malware affected customer payment card information used at potentially all Wawa locations beginning at different points in time after March 4, 2019 and until it was contained. At this time, we believe this malware no longer poses a risk to Wawa customers using payment cards at Wawa, and this malware never posed a risk to our ATM cash machines.

    This is a developing story.

    - Advertisement -