Massive Cybersecurity Breach Compromises Data of Wawa Customers

Wawa is a popular convenience store chain on the East Coast. In fact, its $10 billion revenue in 2018 puts it in the top 10 convenience store chains in the U.S. Unfortunately, this popularity means countless customers may have been affected by a massive data breach.

According to CEO Chris Gheysen, anyone who used a debit or credit card at any of the 850 Wawa locations since March 4, 2019 may have been a victim of this breach. In an open letter to all consumers, Gheysens apologized for the incident, described who might have been at risk, and explained how the company has responded.

According to the letter, malware may have compromised the following data:

  • Card numbers
  • Expiration dates
  • Cardholder names

Fortunately, the breach did not expose debit PINs, so those who used debit cards are at a lower risk of future fraudulent activity. The ATM cash machines were also safe from the breach.

Although the company has not said exactly how many consumers were affected, the letter explains that data used at virtually any in-store payment terminals and fuel dispensers could have been vulnerable to this breach. The company contained the breach on December 12th, and, so far, it has not detected any unauthorized card use. In the letter, Gheysens claims that customers are now safe to use their cards at Wawa.

Law enforcement and a forensics firm are currently investigating the incident. Meanwhile, the company is providing free identity protection and credit monitoring services for its customers.

Protecting Against Past and Future Data Breaches

Unfortunately, Wawa is one of many companies affected by this type of incident. According to Risk Based Security, the frequency and scope of data breaches in 2019 broke all-time records. Between July and September, for example, just six isolated breaches exposed more than 3 billion records. In a list of the 5 worst data breaches of this year, CNBC described severe incidents affecting Quest Diagnostics, Houzz, Capital One, Dubsmash, and Zynga.

According to IBM, a multinational information technology company, more than half of all data breaches are malicious and incredibly costly. Data breaches are a growing problem, and all types of businesses and banks are scrambling to protect the privacy and vital data of their consumers and investors. While a data breach can occur within moments, IBM explains that companies rarely detect them right away. Once it is discovered, containing the breach typically takes more than 2 months.

Wawa and cybersecurity experts recommend the following precautions for those whose data may have been compromised in a breach:

  • Review statements and credit reports. The more vigilant you are about your accounts, the sooner you will detect fraudulent activity. If you contact your credit card company in a timely manner to notify them of an unauthorized charge, you should be reimbursed for this charge.
  • Consider freezing your credit or placing a fraud alert on your file. A security freeze prevents creditors from accessing your file without your consentat Equifax, Experian, and TransUnion. It may delay approval of certain services you request, but it serves as an effective preventative measure for potential fraud. Alternatively, a fraud alert requires merchants to take additional steps to verify applicants’ identities before opening new credit cards under your name.
  • Sign up for identity protection services. Wawa arranged with Experian to provide free protection services to potentially affected customers for one year. If you were not affected by this breach, you can still enroll in services if you believe someone may have accessed your vital information (e.g. Social Security number).

Contact Our Firm for Skilled Representation

If someone accessed your data without your consent, or a company failed to adequately protect your data, you will likely be entitled to compensation for potential or actual loss. In today’s fully-digitalized world, all of us face an inevitable level of risk, but the law protects us from liability in the event of data breach and fraud. At Golomb Legal, P.C., our legal team has a track record of recovering million-dollar settlements for our clients, and we will work to achieve the same outcome for you.

To learn more about what we can do for you or to get started right away, schedule your consultation with Golomb Legalby calling (215) 278-4449 today.