Skip to footer

Wendy's: Hackers stole credit card data from more than 1,000 restaurants

Wendy's announced Saturday that the hack had reached more stores and used different technology than previously believed.

|
Mike Blake/Reuters/File
A Wendy's sign and logo are shown at one of the company's restaurant in Encinitas, California May 10, 2016. The company announced Saturday that hackers had access to credit card numbers, names, expiration dates, and codes for credit cards used at Wendy's restaurants since fall 2015.
  • By Staff Associated Press

| DUBLIN, Ohio

Wendy's recently announced that hackers were able to steal customers' credit and debit card information at 1,025 of its U.S. restaurants, far more than it originally thought.

Wendy's first reported unusual payment card activity affecting some franchise-owned restaurants in February 2016. On Saturday, the company reported that an additional malware variant had been identified and disabled.

The hamburger chain said hackers have had access to card numbers, names, expiration dates, and codes on the card, since late fall. 

"We are committed to protecting our customers and keeping them informed. We sincerely apologize to anyone who has been inconvenienced as a result of these highly sophisticated, criminal cyberattacks involving some Wendy's restaurants," said Todd Penegor, president and chief executive officer, in a statement.

The Dublin, Ohio, company first announced it was investigating a possible hack in January. In May, it said malware was found in fewer than 300 restaurants. About a month later, it said two types of malware were found and the number of restaurants affected was "considerably higher."

There are more than 5,700 Wendy's restaurants in the U.S.

The fast-food chain encouraged customers to watch for unauthorized charges on their cards. Generally, if you report unauthorized charges in a timely manner to the bank or credit card company that issued your card, you are not responsible for those charges.

In a corporate statement, Wendy's said the criminal cyberattacks resulted from service providers' remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees' point-of-sale systems.

According to the company, the malware was first deployed in late fall 2015 and it was disabled by early spring 2016. 

Customers can see which locations were affected through the Wendy's website. The company said it is offering free one-year credit monitoring to people who paid with a card at any of those restaurants.

Mr. Penegor said, "We have conducted a rigorous investigation to understand what has occurred and apply those learnings to further strengthen our data security measures."

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.
editor@csmonitor.com
Subscribe
Mark Sappenfield
Editor

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

Subscribe to insightful journalism

QR Code to Wendy's: Hackers stole credit card data from more than 1,000 restaurants
Read this article in
https://www.csmonitor.com/Business/2016/0709/Wendy-s-Hackers-stole-credit-card-data-from-more-than-1-000-restaurants
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe