Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wendy's Says More Than 1,000 Restaurants Affected By Hack (go.com)

Posted by BeauHD on from the burgers-on-a-budget dept.

An anonymous reader writes from a report via ABC News: The fast food giant Wendy's has reported today that hackers were able to steal customers' credit and debit card information at 1,025 of its U.S. restaurants. The company said Thursday hackers were able to obtain card numbers, names, expiration dates and codes on the card, beginning in late fall. Some customers' cards were used to make fraudulent purchases at other stores. Wendy's first announced it was investigating a possible hack in January. In May, it found malware in fewer than 300 restaurants; two types of malware were found two months later and the number of restaurants affected was "considerably higher." There are more than 5,700 Wendy's restaurants in the U.S. Customers can check to see which locations were affected via Wendy's website. The company said it is offering free one-year credit monitoring to people who paid with a card at any of those restaurants. In May, Wendy's announced plans to start automating all of its restaurants with self-service ordering kiosks.

12 of 134 comments (clear)

  1. New corporate slogan.. by subk · · Score: 5, Funny

    WaReZ da B33F!!

    --
    Now, if you'll excuse me, I have backups to corrupt.
  2. It's time.......... by JustAnotherOldGuy · · Score: 2, Insightful

    It's time to go back to paying with cash for these kinds of purchases.

    Cars, boats, homes, and anything over $100, sure, I'll use a credit or debit card. Under $100 it's going to be plain ol' cash.

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:It's time.......... by penguin74 · · Score: 2

      So what? It doesn't cost you anything other than a 5 minute call to report an unauthorized charge and get it credited then 24-48 hrs to receive a new card. People like you just need to stop making such a big deal about it.

    2. Re:It's time.......... by BronsCon · · Score: 2

      Nobody's using your credit card to open a new line of credit or steal your identity. Then need a fair bit more data than what's encoded on the card's magstripe for that.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    3. Re:It's time.......... by BronsCon · · Score: 2

      It's not that simple--when you have multiple monthly, automatic bills paid via the account. You have to go in and change your card details on each of those auto payment accounts

      That's still less work (and safer) than writing a check every month.

      then in some cases deal with their slow billing systems that still use the old info and charge you fees for returned funds and then for being late.

      So you cancel the automatic payment on the old card, set the new one up, and make manual payments on the due date until it kicks in. Still less work (and safer) than writing a check every month.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  3. Re:Why?? by subk · · Score: 3, Informative

    It's unclear from reading the article, but it sounds like the malware steals it from the POS application at the time of swipe, hence the need to infect the machines at individual restaurants. This is not the same as breaking into a big database and plucking a list of "stored" card info.

    --
    Now, if you'll excuse me, I have backups to corrupt.
  4. Re:Why?? by vux984 · · Score: 5, Informative

    Why do any of these companies store your CC information? Surely it's only needed to authorize the transaction, do they need it for more than that?

    There is no evidence they were storing your CC information. The POS system was infected with malware that skimmed it from the system when you swiped the card.

    The malware was persistently installed over several months, so it got a lot of people. It wasn't a quick hack where someone went in, grabbed a database, and got out.

  5. Creating business by TheMadTopher · · Score: 4, Interesting

    I wonder if credit monitoring companies secretly fund these hacks.

  6. Re:But "dipping" solved everything? by Stormy+Dragon · · Score: 2

    I only know once place near me that actually uses the chips. Everyone else has the scanners for the chips, but they're not hooked up and can't actually be used.

  7. Re:Why?? by Anonymous Coward · · Score: 2, Funny

    Same goes for point of sale applications.

  8. Re:Private industry doing it better than governmen by bill_mcgonigle · · Score: 3, Informative

    Yet let a few thousand people have their data swiped through a government breach and people go apoplectic.

    Based on the evidence it appears government is doing substantially better than private industry in protecting our data.

    I might need a new debit card. What a pain. If you have government clearance, thanks to the OPM breach, the Chinese have all of your biometric data. Game over.

    The Wendy's breach can be fixed with a bunch of new cards. The government breach cannot be fixed.

    That is why people were apoplectic.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  9. Re:And this is why I... by Jhon · · Score: 2

    The next generation of hackers will be able to access your bank account with just the serial number of your $20 bill!

    (ducks and runs)