Wendy’s have reported a major data breach, with at least 1,025 of its restaurants targeted and debit and credit card information stolen.
Although the company did not put a number to how many of its customers had been affected, it did confirm that all the targeted restaurants were in the US.
It has been reported that malware installed on point-of-sale locations was the origin of the massive data breach, with the restaurant chain publicly stating that it was confident that the threat had now been removed.
In a statement, Todd Penegor, Wendy’s President and CEO, said: "As we have reported over the past several months, unfortunately, some Wendy’s restaurants have been the victim of malicious cyber activity targeting customers’ payment card information.
"Wendy’s first reported unusual payment card activity affecting some restaurants in February 2016. In May, we confirmed that we had found evidence of malware being installed on some restaurants’ point-of-sale systems, and had worked with our investigator to disable it. On June 9th, we reported that we had discovered additional malicious cyber activity involving other restaurants.
"That malware has also been disabled in all franchisee restaurants where it has been discovered. We believe that both criminal cyber attacks resulted from service providers’ remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees’ point-of-sale systems."
This data breach is gathering pace, seeing as that back in May of this year Wendy’s confirmed that just 300 restaurants had been targeted din the attack. This number has risen past 1,000, with the breach quickly becoming one of the most notable hacks in US history.
