Wawa reported the convenience store chain has become “aware of reports of criminal attempts to sell some customer payment card information potentially involved in the previous data security incident announced by Wawa on December 19, 2019.”
The company has alerted its payment card processor, payment card brands, and card issuers to heighten fraud monitoring activities to help further protect any customer information. The company reported that malware was found on its computer system.
“We continue to work closely with federal law enforcement in connection with their ongoing investigation to determine the scope of the disclosure of Wawa-specific customer payment card data,” Wawa stated.
The company continued to express confidence that the that only payment card information was involved, and that no debit card PIN numbers, credit card CVV2 numbers or other personal information were involved. The incident did not impact ATM transactions.
The company is still advising customers to review charges on their statements and promptly report any unauthorized use to their bank or financial institution. Wawa is offering credit monitoring free of charge.
The incident has already resulted in lawsuits filed against Wawa.