Wendy’s the famous fast food joint in America has disclosed on Thursday that the data breach which hit its restaurant’s network was more than three times bigger than originally disclosed and exposed customer credit card data.
The malware which was installed on point of sale systems was discovered at over 1000 of its franchised restaurants which were earlier reported as 300 stores.
Wendy’s probe said that hackers gained access to the machines using remote access credentials of a third party service provider. The restaurant CIO said that the breach took place in 2015, but was only discovered in early 2016. Now, very recently in June 2016, a second malware variant had infected its systems and was discovered by the security analysts.
The recently hit malware was discovered to be a major threat to data security as it targeted cardholder’s name, credit or debit card numbers, expiration date, cardholder verification value and service code. The restaurants which were affected were all listed on a website owned by a hackers group.
With the second hack, The Ohio based restaurant joins the list of latest US brands to have been hit by cyber attacks. In 2014, a similar malware hit Target and Home Depot via the login credentials of third party.
Through this media posting, Wendy’s has urged all its customers to look out for unauthorized charges or transactions of their credit cards and when found, asked them to report to their respective banks to follow security steps.