Wendy’s restaurants has released information about the investigation a breach in at least 300 of their 5,500 restaurants.
Wendy’s Restuarants Investigates Possible Breach
Wendy’s said today that an investigation into a credit card breach at the nationwide fast-food chain uncovered malicious software on point-of-sale systems at fewer than 300 of the company’s 5,500 franchised stores. The company says the investigation into the breach is continuing, but that the malware has been removed from all affected locations.
“Based on the preliminary findings of the investigation and other information, the Company believes that malware, installed through the use of compromised third-party vendor credentials, affected one particular point of sale system at fewer than 300 of approximately 5,500 franchised North America Wendy’s restaurants, starting in the fall of 2015,”
Many banks and credit unions who have been feeling card fraud pain because of the breach have started grumbling about the extent and duration of the breach. Sources at multiple financial institutions say their data would indicate that some of the breached Wendy’s stores were still leaking customer card data as of late March 2016 and some even into early April. The breach was first disclosed on this blog on January 27, 2016.
Back in January, Wendy’s conducted started an investigation after KrebsOnSecurity.com announced they had a problem – we reported on it here.
PLEASE NOTE – the Wendy’s location pictured is a stock photo re-used from WikiPedia – we have no knowledge AT ALL that this particular location had a problem with their POS or card data breach. This photo was ONLY used because it was labeled as ‘Free to use with modification – and we do not intend to indicate that this location had a problem or not. We simply used the stock-photo. Please verify with your own location if they had a problem with a data-breach.