ORLANDO, Fla. – Wawa CEO Chris Gheysens apologized to Wawa customers after a malware data breach.
Gheysens said the malware impacted customer credit card and debit card information.
The information security team discovered the malware on payment processing serves on Dec. 10 and contained it by Dec. 12, according to Gheysens.
The malware no longer poses a risk to customers, according to Wawa officials.
The data breach potentially hit every Wawa location beginning at different points in time after March 4, according to Wawa.
“I want to reassure you that you will not be responsible for any fraudulent charges on your payment cards related to this incident, as described in the detailed information below. Please review this entire letter carefully to learn about the resources Wawa is providing and the steps you should take now to protect your information,” Gheysens said.
The malware was on most store systems by approximately April 22, according to Wawa officials.
The chain said credit card numbers, debit card numbers, expiration dates, and cardholder names may all be affected.
Pin number and credit card security codes were not impacted, according to the chain.
The malware did not affect customers using ATM cash machines, according to Wawa.
“We continue to take steps to enhance the security of our systems. We have also arranged for a dedicated toll-free call center (1-844-386-9559) to answer customer questions and offer credit monitoring and identity theft protection without charge to anyone whose information may have been involved, which you can sign up for as described below,” Gheysens said.