Wawa says malware may have collected customer card info


STAFFORD, VA – JUNE 21: People get gas and other goods at a Wawa gas station and store on Thursday June 21, 2012 in Stafford, VA. A great number of Wawa stores use the Niagara Framework. This technology allows various devices and services to be controlled remotely. (Photo by Matt McClain for The Washington Post via Getty Images)

(CNN) — If you bought something with a credit or debit card from a Wawa convenience store in the last nine months, your personal information might have been swiped.

On December 10, the company found malware on the servers it uses to process payments at “potentially all Wawa locations,” said Wawa CEO Chris Gheysens in a letter Thursday to customers. He added that the company was able to get rid of the malware within two days, and that the firm believes it no longer poses a risk to customers.

Cards used at Wawa stores between March 4 and December 12 could have been compromised. Gheysens said the malware could have affected credit and debit card numbers, expiration dates and cardholder names on cards used at in-store cash registers or gas pumps. Wawa’s ATMs were not affected.

Debit card PIN numbers, credit card CVV2 numbers (the three or four-digit security code printed on the card), other PIN numbers, and driver’s license information used to verify age-restricted items were not exposed, according to Gheysens.

At this time, the chain said it wasn’t aware of any unauthorized use of payment card information. Gheysens said customers will not be responsible for fraudulent charges on their cards.

Wawa is offering free identity theft protection and credit monitoring at no charge to its customers.

The Philadephia-based chain has more than 850 convenience retail stores in Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Florida, and Washington, DC, according to its website.

Trademark and Copyright 2020 Cable News Network, Inc., a Time Warner Company. All rights reserved.

Latest News

More News