posted on Dec, 20 2019 @ 04:15 PM
Wawa says malware may have collected customer card info
If you bought something with a credit or debit card from a Wawa convenience store in the last nine months, your personal information might have been
On December 10, the company found malware on the servers it uses to process payments at "potentially all Wawa locations," said Wawa CEO Chris Gheysens
in a letter Thursday to customers. He added that the company was able to get rid of the malware within two days, and that the firm believes it no
longer poses a risk to customers.
Didnt see this anywhere on ATS, normal line for the Mods if it is posted.
For those that don't know, "Wawa is an American chain of convenience stores and gas stations located along the East Coast of the United States,
operating in Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Washington, D.C., and Florida."
If the dates being talked about then Wawa actually did a solid job in containing and reporting this. It's not uncommon to see companies take weeks or
months to disclose an Infosec breach while by all reports this was reported within a week of Containment. It's easy to assess a situation without
having all the details but I am sure it's making for an unhappy time for people with that org.
To summarize the risk exposure, "Cards used at Wawa stores between March 4 and December 12 could have been compromised. Gheysens said the malware
could have affected credit and debit card numbers, expiration dates and cardholder names on cards used at in-store cash registers or gas pumps.
Wawa's ATMs were not affected.
Debit card PIN numbers, credit card CVV2 numbers (the three or four-digit security code printed on the card), other PIN numbers, and driver's license
information used to verify age-restricted items were not exposed, according to Gheysens."
Here is a link on what to do if you think you were impacted by this: www.inquirer.com...