Wendy’s Data Breach Information Released to Public

What happened?

Wendy’s fast-food restaurant chain suffered a data breach back in January of 2016. At the time of the initial breach, Wendy’s was unaware of how the information was stolen and the extent of the breach’s impact. 

The chain first reported suspicious payment card activity in early February of 2016. Initial reports stated that up to 300 stores could have been potentially affected. It was not until June 9, 2016 that the breach was announced to the public, following the May 2016 confirmation that malware was discovered on their point-of-sale systems. 

Nearly six months after the incident occurred, Wendy’s released the specifics regarding the chain restaurant’s breach. Unfortunately, the attack had a greater reach than originally expected. 

The breach targeted payment card data such as card numbers, expiration dates and cardholder names at over 1,000 locations nationwide. The company has also provided a list of these affected locations for customers that may have been affected by this breach.

Wendy’s disclosed in a public statement that malware was used to obtain payment data, and that cybercriminals gained access to their systems through remote-access service providers whose credentials had been compromised. Wendy’s is offering one year of complimentary fraud services to all of its potentially affected customers.

What should you do?

  • Review this list of over 1,000 affected Wendy’s locations.
    If you used a debit or credit card at any of these locations between February 2016 and June 2016, your information could have been compromised.
  • Monitor your credit and debit accounts regularly.
    Safeguard your personal and financial information, and report any suspicious activity to your bank immediately.
  • Enroll in complimentary fraud protection services.
    If you have been affected by this breach, take advantage of the complimentary fraud consultation and identity restoration services that Wendy’s is offering to protect yourself against future data breaches.

The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.

John is General Counsel and Chief Privacy Officer of Sontiq, the parent company of the EZShield and IdentityForce brands. He is a Certified Compliance...
Read more about John Burcham.

Leave a Comment.