Breach took place in two waves, cannot rule out there aren’t others, says the fast food chain.
The credit card breach at Wendy’s is likely to be way beyond the officially reported figure of “fewer than 300,” says KrebsOnSecurity, citing fraud and banking community sources. The fast food chain has confirmed it could be “significantly higher,” but declined to say whether the attack has been contained, indicating the intrusion may still be on.
The company had announced in May that 5% of its 5,800 stores were affected by the breach, but recently revised that figure, saying the breach happened in two parts. The first part involved malware at point-of-sale devices and the second part, it elaborates, was discovered later and involved a different strain or mutation of the original malware which targeted a separate point-of-sale system.
KrebsOnSecurity believes that, like Wendy’s, in most breaches involving hospitality, hackers remotely access payment data by exploiting remote management software for point-of-sale devices. Because of this, says Krebs, many retailers are now opting for card readers that are more secure.
Read the full story at KrebsOnSecurity.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024