Malware at Wawa stores has been stealing credit card info since March

The malware wasn't detected until last week.

Sponsored Links

Richard Lawler
December 19th, 2019
In this article: business, gear, security, wawa
JIM WATSON via Getty Images
JIM WATSON via Getty Images

Readers on the East Coast ,are getting some bad news after yet another retailer has uncovered malware in its systems stealing card numbers. The victim this time is Wawa, with its line of convenience stores and gas stations that stretches across several states. A letter from CEO Chris Gheysens explains that the company discovered the malware in its payment processing systems on December 10th, and believes it affected potentially all Wawa locations since March 4th, 2019, although some were infected later and some not at all. If you used your card at the payment terminal or gas pump, then the attack probably got your information -- store ATMs were apparently unaffected.

According to the company, the information leaked "is limited to payment card information, including debit and credit card numbers, expiration dates and cardholder names, but does not include PIN numbers or CVV2 numbers." The statement also says it is not aware of unauthorized use of payment information from the attack, but has rolled out the usual warnings and offer of free credit monitoring services.

Even in 2014 the FBI was predicting these types of incidents would become more common, and they have, affecting everyone from Target to Forever 21 to Wendy's. For advice on paying as securely as possible, we've listed some tips, in case you don't just want to go back to carrying cash.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget