The Dublin, Ohio-based fast-food chain initially revealed in May that malware had been found in 300 of its restaurants, but a deeper investigation found the number was “considerably higher”.
Advertisement
Wendy’s first reported unusual payment card activity affecting some restaurants in February 2016, and confirmed in May that malware has been installed at less than 6% of its United States franchised restaurants.
In New Jersey about 70 locations were affected by the breach, but the Wendy’s site at 1010 Stelton Road in Piscataway was not on the list.
Three Wendy’s in Rome are among the 1,025 USA restaurants where hackers stole credit and debit card information.
That second malware targeted “cardholder name, credit or debit card number, expiration date, cardholder verification value, and service code”, the company said.
“We are committed to protecting our customers and keeping them informed”.
On June 9, additional malware was reported and disabled by the company. Evidence suggests remote access credentials for service providers used by Wendy’s were breached, which allowed hackers to access point-of-sale systems at more than 1,000 Wendy’s restaurants. “We have conducted a rigorous investigation to understand what has occurred and apply those learnings to further strengthen our data security measures”.
There are more than 5,700 U.S. Wendy’s restaurants. That malware has also been disabled in all franchisee restaurants where it has been discovered. The company said some customers’ cards were used to make fraudulent purchases at other stores.
The chain said malware had been installed on point-of-sale systems but now the company is confident that the malicious software has been removed from the affected locations.
Advertisement
Wendy’s will “offer one year of complimentary fraud consultation and identity restoration” to any customer whose credit or debit card may have been affected. “As always, in line with prudent personal financial management, we encourage our customers to be diligent in watching for unauthorized charges on their payment cards”, Wendy’s said in a statement.
