Renowned gas and convenience store chain Wawa gets hacked across it's over 850 outlets for whole nine months in 2019.
Wawa, the Philadelphia-based gas and convenience store chain has reported a data hacking of considerable volume that has probably exposed payment card details of thousands of customers who used their cards at any of the 850 Wawa storesin Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Florida, and Washington DC, since March 2019.
As par a press release on the company's website attackers installed a malware on its point-of-sale servers used to process customers' payments which when discovered by the Wawa information security team on 10th December had corrupted in-store payment processing systems at "potentially all Wawa locations." The hacking operation continued till the malware was entirely removed by its servers on 12th December 2019.However Wawa reports that not all properties of the store chain were affected.
The malware hacked credit and debit card information, card numbers, expiry dates, and customer names on the payment cards operated at all of its in-store payment terminals and gas pumps between 4th March 2019, and 12th December 2019.
But the silver lining is that debit card PINs, credit card CVV2 numbers, other PINs, driver's license information used to verify age-restricted purchases, and other personal information were not influenced by this malware, as said by the company. It is has further stated that the malware did not risk its ATM cash machines and at the time of the announcement of thedata breach no case of money laundering was reported using the stolen data.
The company's information security team fully contained the malware within two days of its discovery besides employing a leading external forensics firm to check the extent of loss and details of the fraud. It has also informed the jurisdiction to help the investigation and intimated payment card companies about the breach of data.
Wawa is also offering free identity theft protection and credit monitoring its clients who might be a prey to the hacking act.
Customers who purchased anything from any of the Wawa convenience stores since March 2019 are advised to check their payment card statements carefully.
In case of any unidentified charges one is advised to inform the relevant payment card issuer of it and consider placing a fraud alert or security freeze on the credit file at Equifax, Experian, and Trans Union. Blocking the affected payment card and requesting a new one from the respective financial institution is also important.
ISOEH has been the institute which has been educating the cyber security enthusiasts with the latest techniques of anti hacking to check such financial and other frauds.