Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wendy's Says More Than 1,000 Restaurants Affected By Hack (go.com)

Posted by BeauHD on from the burgers-on-a-budget dept.

An anonymous reader writes from a report via ABC News: The fast food giant Wendy's has reported today that hackers were able to steal customers' credit and debit card information at 1,025 of its U.S. restaurants. The company said Thursday hackers were able to obtain card numbers, names, expiration dates and codes on the card, beginning in late fall. Some customers' cards were used to make fraudulent purchases at other stores. Wendy's first announced it was investigating a possible hack in January. In May, it found malware in fewer than 300 restaurants; two types of malware were found two months later and the number of restaurants affected was "considerably higher." There are more than 5,700 Wendy's restaurants in the U.S. Customers can check to see which locations were affected via Wendy's website. The company said it is offering free one-year credit monitoring to people who paid with a card at any of those restaurants. In May, Wendy's announced plans to start automating all of its restaurants with self-service ordering kiosks.

3 of 134 comments (clear)

  1. Re:Why?? by subk · · Score: 3, Informative

    It's unclear from reading the article, but it sounds like the malware steals it from the POS application at the time of swipe, hence the need to infect the machines at individual restaurants. This is not the same as breaking into a big database and plucking a list of "stored" card info.

    --
    Now, if you'll excuse me, I have backups to corrupt.
  2. Re:Why?? by vux984 · · Score: 5, Informative

    Why do any of these companies store your CC information? Surely it's only needed to authorize the transaction, do they need it for more than that?

    There is no evidence they were storing your CC information. The POS system was infected with malware that skimmed it from the system when you swiped the card.

    The malware was persistently installed over several months, so it got a lot of people. It wasn't a quick hack where someone went in, grabbed a database, and got out.

  3. Re:Private industry doing it better than governmen by bill_mcgonigle · · Score: 3, Informative

    Yet let a few thousand people have their data swiped through a government breach and people go apoplectic.

    Based on the evidence it appears government is doing substantially better than private industry in protecting our data.

    I might need a new debit card. What a pain. If you have government clearance, thanks to the OPM breach, the Chinese have all of your biometric data. Game over.

    The Wendy's breach can be fixed with a bunch of new cards. The government breach cannot be fixed.

    That is why people were apoplectic.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)