Wendy's Could Be Latest In Long List Of Companies Affected By Credit Card Breaches
"We have received this month from our payment industry contacts reports of unusual activity involving payment cards at some of our restaurant locations," Wendy's spokesperson Bob Bertini told KrebsOnSecurity. "Reports indicate that fraudulent charges may have occurred elsewhere after the cards were legitimately used at some of our restaurants. We’ve hired a cybersecurity firm and launched a comprehensive and active investigation that’s underway to try to determine the facts."
Wendy's is still gathering information at this early stage and doesn't have many details to share, such as exactly how long this might have been going on, whether or not the situation is contained, or how many stores might be involved. All Wendy's is really saying is that it's looking at incidents from late last year.
"The amount of transactions that take place during any given day makes restaurants an easy target for credit card hacks. POS systems have a lot of security vulnerabilities, making it very easy for hackers to steal credit card information," Dodi Glenn, VP of Cyber Security at PC Pitstop told HotHardware in an email.
There are over 6,500 Wendy's locations in the world. Glenn points out that many of those restaurants are franchised so the issue could be one of "best security practices for the owner."