Convenience Store Wawa Hit With Massive Data Breach; Leaked Customer Data Goes Back Eight Months
Wawa is notifying potentially impacted individuals about a data security incident that affected customer payment card information used at potentially all Wawa locations (more than 800 stores) between March 2019-December 2019.
Wawa, Inc. is a chain of convenience and fuel retail stores located in Pennsylvania, New Jersey, Delaware, Maryland, Virginia, Washington, DC and Florida. Wawa’s information security team discovered malware on its payment processing servers on December 10, 2019, and contained it by December 12, 2019. Based on the investigation to date, Wawa says the information is limited to payment card information, including debit and credit card numbers, expiration dates and cardholder names, but does not include PIN numbers or CVV2 numbers. The ATM cash machines in Wawa stores were not impacted by this incident, says Wawa.