American convenience and fuel retail stores chain Wawa has conducted an investigation into a data breach incident.
On 10 December, the company’s information security team discovered a malware on Wawa payment processing servers. Wawa said this was controlled by 12 December.
The data breach has potentially impacted customers’ payment card information used at all Wawa locations during a specific timeframe.
According to the investigation, the security breach is restricted to payment card information, including debit and credit card numbers, expiration dates and cardholder names, while PIN numbers or CVV2 numbers are expected to be safe.
As of now, the stores ATM cash machines are safe and the company claimed that it is unaware of any unauthorised use of any payment card information as a result of this incident.
Wawa CEO Chris Gheysens said: “At Wawa, the people who come through our doors are not just customers, they are our friends and neighbours, and nothing is more important than honouring and protecting their trust.
“Once we discovered this malware, we immediately took steps to contain it and launched a forensics investigation so that we could share meaningful information with our customers.
“I want to reassure anyone impacted they will not be responsible for fraudulent charges related to this incident. To all our friends and neighbours, I apologise deeply for this incident.”
Meanwhile, Wawa is offering identity protection and credit monitoring services at no charge to its customers.