Wendy’s Data Breach Information Released to Public

What happened?

Wendy’s fast-food restaurant chain suffered a data breach back in January of 2016. At the time of the initial breach, Wendy’s was unaware of how the information was stolen and the extent of the breach’s impact. 

The chain first reported suspicious payment card activity in early February of 2016. Initial reports stated that up to 300 stores could have been potentially affected. It was not until June 9, 2016 that the breach was announced to the public, following the May 2016 confirmation that malware was discovered on their point-of-sale systems. 

Nearly six months after the incident occurred, Wendy’s released the specifics regarding the chain restaurant’s breach. Unfortunately, the attack had a greater reach than originally expected.  Continue reading

Cape May-Lewes Ferry Suffers Year-long Data Breach

Cape May-Lewes Ferry

On October 24, Cape May-Lewes Ferry announced in a press release that malware on their food, drink and retail point-of-sales systems allowed an intruder to access 60,000 customers’ credit and debit card information.

The organization stated that card numbers, cardholders’ names and expiration dates were potentially exposed from September 20, 2013 to August 7, 2014. Transactions made on their reservation system have not been impacted.
Continue reading

Staples Investigates Potential Breach in the Northeast

Update: 9:00 a.m. ET: On December 19, Staples, Inc. released a statement outlining their findings regarding a data breach at 115 of their retail locations.

Upon the investigation, Staples confirmed initial suspicions that hackers accessed customer payment card information from their point-of-sale systems using malware.

Approximately 1.16 million payment cards were exposed in the breach. Leaked card information includes cardholder names, payment card numbers, expiration dates and card verification codes.

The attack occurred between August 10, 2014 and September 16, 2014 at 113 of their stores. Two of their stores had malware on their systems starting on July 20. The company has released a list of impacted locations along with dates of exposure.

Staples will offer free identity protection services, including credit monitoring, identity theft insurance and a free credit report to potentially impacted customers. Concerned customers may sign up for these services here. Continue reading

Dairy Queen Data Breach Kept Quiet

Update: 10:00 a.m. ET: On October 9, International Dairy Queen, Inc. confirmed that one Orange Julius store and 395 Dairy Queen stores were impacted by a data breach. In a press release, Dairy Queen, Inc. attributes the breach to “Backoff” malware on “systems at a small percentage of locations in the U.S.” — confirming the initial suspicious made by independent security experts.

The malware exposed customers’ names, payment card numbers and payment card expiration dates. Dairy Queen has no evidence that other personal information was compromised.

The attack occurred between August 1 and September 23; however, dates vary from store-to-store. The company has provided a list the impacted locations in their press release. Continue reading