Wendy’s says more than 1000 restaurants affected by hack
Wendy’s told journalists the total stands at 1,025 restaurants out of about 3,000. We believe that both criminal cyberattacks resulted from service providers’ remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees’ point-of-sale systems.
Originally the Ohio-based chain said less than 300 store locations were affected.
Have systems in place to monitor who accesses your network, what data they access, and have it report suspicious or unusual activity so it can be investigated.
Wendy’s stock has fallen 13% in the past three months. The company first disclosed the breach in February.
Working with third-party forensic experts, federal law enforcement and payment card industry contacts as part of its ongoing investigation, the retailer has determined that specific payment card information was targeted by an additional malware variant reported in June. The malware has since been disabled.
The company has set up a page for customers to check if a restaurant they bought food from has been affected.
The security breach was described as a pair of attacks.
Go here for a list of locations affected by the malware. The second, discovered during an investigation of the first, was similar to the first, but affected many more locations. As of June 27, 2016, its restaurant system included approximately 6,500 franchise and company-operated restaurants worldwide.
There is no indication so far that the malware attack has affected any company-owned restaurants, Wendy’s said on Thursday. Wendy’s urged customers to check their accounts for any fraudulent purchases.
Help includes the offer of one year of “complimentary” fraud protection services.
Some of the purloined personal information was used to make purchases elsewhere. Any additional information on this incident will continue to be posted here.