The Wawa convenience store chain says a data breach may have collected debit and credit card information from thousands of customers.
Pennsylvania-based Wawa Inc. said Thursday that its information security team discovered malware on its payment processing servers on Dec. 10 and stopped the breach on Dec 12. The company believes the malware was collecting card numbers, customer names and other data as early as March 4.
The company said it doesn’t yet know how many customers were affected. Wawa said it’s also unaware of any unauthorized use of credit cards as a result of the breach.
The breach affected all of Wawa’s 850 locations, which stretch along the East Coast from Pennsylvania to Florida. In-store payments and payments at fuel dispensers were affected, but ATM machines were not.
Wawa says it’s notifying customers and offering free credit card monitoring and identity theft prevention services to anyone whose information may have been collected. Police are investigating, and the company has also hired a forensics firm to conduct an internal investigation.
Related: U.S. Fast-Food Chain Krystal Investigating Payment Card Breach
Related: Moe’s, McAlister’s, Schlotzsky’s Restaurants Hit by Payment Card Breach
Related: Malware Found on Payment System Used by On The Border Restaurants
Related: Church’s Chicken Restaurants Hit by Payment Card Breach

More from Associated Press
- Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised
- Biden Picks New NSA Head, Key to Support of Ukraine, Defense of US Elections
- White House Unveils New Efforts to Guide Federal Research of AI
- Meta Fined Record $1.3 Billion and Ordered to Stop Sending European User Data to US
- China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States
- ChatGPT’s Chief Testifies Before Congress, Calls for New Agency to Regulate Artificial Intelligence
- Philadelphia Inquirer Hit by Cyberattack Causing Newspaper’s Largest Disruption in Decades
- Executive Fired From TikTok’s Chinese Owner Says Beijing Had Access to App Data in Termination Suit
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
