The CEO of Wawa is apologizing after the convenience store chain became a center of a massive data breach.
According to an open letter from Wawa CEO Chris Gheysens, the company discovered malware on Wawa's payment processing servers between December 10 and 12 of 2019. Gheysens said in the letter that the same malware affected customer payment card information used "at potentially all Wawa locations beginning March 4, 2019 and until it was contained."
The malware accessed customers' payment card information, including credit and debit card numbers, expiration dates and cardholder names at potentially inside the store and at the self-serve pumps, according to Wawa.
"At this time, we believe this malware no longer poses a risk to Wawa customers using payment cards at Wawa, and this malware never posed a risk to our ATM cash machines," Gheysens said in the letter.
Wawa said although the dates may vary and some Wawa locations may not have been affected at all, the malware was present on most store systems by mid April of 2019. Wawa said the malware has been blocked and contained on December 12, 2019.
What You Can Do
Wawa says customers whose information may have been involved in the breach should review their payment card account statements. Customers should also register for identity protection services, Wawa said. You can click here for more information on registering for the identity protection services.
Wawa said customers should call 1-844-386-9559 if they have any questions.
This article was written by KJ Hiramoto for WFTS .