Payment card breach potentially impacts all locations of Wawa convenience store

Wawa convenience store chain disclosed a payment card breach that may have exposed debit and credit card data from thousands of customers.

Wawa convenience store chain disclosed a payment card breach, its security team discovered a PoS malware on its payment processing systems.

Wawa operates more than 860 convenience retail stores, this breach is potentially one of the biggest card incidents in 2019. The malware affected in-store payments and payments at fuel dispensers, anyway ATM machines were infected.

The malicious code infected the payment systems on December 10 and it was removed on December 12, the incident may have exposed debit and credit card data from thousands of customers.

“Our information security team discovered malware on Wawa payment processing servers on December 10, 2019, and contained it by December 12, 2019,” Wawa CEO Chris Gheysens wrote in a public letter. “This malware affected customer payment card information used at potentially all Wawa locations beginning at different points in time after March 4, 2019 and until it was contained.”

The PoS malware was planted on Match 4, it began running on in-store payment processing systems at potentially all Wawa locations. The malicious code was designed to collect card numbers, cardholder names, and other data,

“Based on our investigation to date, we understand that at different points in time after March 4, 2019, malware began running on in-store payment processing systems at potentially all Wawa locations,” reads the data breach notice issued by the company.

“Although the dates may vary and some Wawa locations may not have been affected at all, this malware was present on most store systems by approximately April 22, 2019.”

The company is not aware of any unauthorized use of credit cards as a result of the payment card breach.

At the time it is not clear how many customers were affected by the incident.

The company is notifying customers and offering free credit card monitoring and identity theft prevention services to impacted customers. The company has hired a forensics firm to investigate the incident, it also reported the card breach to the authorities that are currently investigating into the case.

“As soon as we discovered this malware on December 10, 2019, we took immediate steps to contain it, and by December 12, 2019, we had blocked and contained it. We believe this malware no longer poses a risk to customers using payment cards at Wawa.” concludes the note. “As indicated above, we engaged a leading external forensics firm to conduct an investigation, which has allowed us to provide the information that we are now able to share in this letter. We are also working with law enforcement to support their ongoing criminal investigation. We continue to take steps to enhance the security of our systems.”

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Wawa, data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.