Wawa says malware may have collected customer card info

If you bought something with a credit or debit card from a Wawa convenience store in the last nine months, your personal information might have been swiped.

On December 10, the company found malware on the servers it uses to process payments at "potentially all Wawa locations," said Wawa CEO Chris Gheysens in a letter Thursday to customers. He added that the company was able to get rid of the malware within two days, and that the firm believes it no longer poses a risk to customers.

Wawa says malware may have collected customer card info

Didnt see this anywhere on ATS, normal line for the Mods if it is posted.

For those that don't know, "Wawa is an American chain of convenience stores and gas stations located along the East Coast of the United States, operating in Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Washington, D.C., and Florida."

If the dates being talked about then Wawa actually did a solid job in containing and reporting this. It's not uncommon to see companies take weeks or months to disclose an Infosec breach while by all reports this was reported within a week of Containment. It's easy to assess a situation without having all the details but I am sure it's making for an unhappy time for people with that org.

To summarize the risk exposure, "Cards used at Wawa stores between March 4 and December 12 could have been compromised. Gheysens said the malware could have affected credit and debit card numbers, expiration dates and cardholder names on cards used at in-store cash registers or gas pumps. Wawa's ATMs were not affected.
Debit card PIN numbers, credit card CVV2 numbers (the three or four-digit security code printed on the card), other PIN numbers, and driver's license information used to verify age-restricted items were not exposed, according to Gheysens."

Here is a link on what to do if you think you were impacted by this: www.inquirer.com...

a reply to: opethPA

No! Not Wawa! Wawa is my favourite part of US business trips.

a reply to: Atsbhct

I love some wawa too...sheetz isnt bad either but I dont think they are as wide spread.

Hmm seems like it might be related to this: www.abovetopsecret.com...

I only use cash so I never have to worry about things like that.

originally posted by: RickyD
a reply to: Atsbhct

I love some wawa too...sheetz isnt bad either but I dont think they are as wide spread.

I've never seen a Sheetz... but I know they have a sandwich called 'Walker Breakfast Ranger ', and that's amazing.

"was able to get rid of the malware within two days"
did they knowingly let people accounts get stolen for two days?

originally posted by: buddha
"was able to get rid of the malware within two days"
did they knowingly let people accounts get stolen for two days?

Sounds like they acted pretty swiftly to me.