Payment card details of 30 million Wawa customers available for sale on the dark web.
The breach “ranks among the largest card breaches of 2019, and of all time” because it affected 850 million payment records, Gemini Advisory said in a report.
Joker’s Stash, an online black marketplace where credit and debit card information is bought and sold, posted the data for sale. Around 100,000 cards became available on Monday, but Joker’s Stash claimed to have data on 30 million cards.
“The new batch of cards that went on sale Monday evening – dubbed ‘BIGBADABOOM-III’ by Joker’s Stash – map squarely back to cardholder purchases at Wawa,” stated krebsonsecurity.com.
Wawa, an American chain of convenience stores and gas stations, has more than 850 stores in six states and the District of Columbia, including Pennsylvania, New Jersey and Delaware. The company had more than $12 billion in sales in 2018.
What happened, and when did the breach take place?
The company's information security team identified the malware on December 10, 2019, and had blocked and contained it by December 12, 2019. The malware had been present from March 4, 2019, onwards.
The malware affected customer card information used at all Wawa locations.
What information was exposed?
Payment cards used by customers at all Wawa in-store payment terminals and fuel dispensers were affected.
The exposed payment card information includes debit and credit card numbers, expiration dates and cardholder names on payment cards.
The company said that the breach did not expose Personal Identification Numbers (PINs), CVV records or other personal information. The ATMs inside the stores were not affected.
What measures were taken?
“We engaged a leading external forensics firm to conduct an investigation, which has allowed us to provide the information,” stated Wawa CEO Chris Gheysens in an open letter.
“We are also working with law enforcement to support their ongoing criminal investigation.”
What should customers do to be on the safe side?
The company told customers to review account statements for unauthorised charges.
Wawa has said it will pay for a year of identity theft protection and credit monitoring for affected customers who call 1-844-386-9559 (activation code: 4H2H3T9H6).