Wawa data breach: Do you hold a Credit card or Debit card or both and make payments through it at stores, marts and others? Then this will come as slightly bad news for you. Information of millions of cards (Debit and Credit) has been breached and was put for sale online. Information of food and gasoline chain WaWa's customers' cards was leaked and sold online, according to the fraud intelligence company Gemini Advisory.
According to a report published in Bloomberg, the breach “ranks among the largest payment card breaches of 2019, and of all time” because it potentially affected 850 stores and 30 million payment records, Gemini Advisory said in a report on Tuesday.
Report further states that Gemini discovered that data from cards used at WaWa — many of which belong to U.S. financial institutions — is available for sale on Joker’s Stash. It is a notorious online marketplace where credit and debit card information is bought and sold.
According to Gemini Advisory, data on almost 100,000 cards became available on Monday, but Joker’s Stash claimed it had data from 30 million cards of WaWa customers,
In a statement Tuesday, WaWa said it was “aware of reports of criminal attempts to sell come customer payment card information.” The company said it had alerted its payment card processor, payment card brands and card issuers to heighten fraud monitoring to protect customers. WaWa has offered free credit monitoring and identify theft protection to customers.
Malware ran on WaWa payment processors from March until December, when the company discovered and stopped it, Chief Executive Officer Chris Gheysens wrote in a letter.
On Tuesday, the company said it was confident the breach was contained on Dec. 12, two days after it was discovered. “We also remain confident that only payment card information was involved, and that no debit card PIN numbers, credit card CVV2 numbers or other personal information were involved.”