In late January, the nationwide fast-food chain, Wendy’s, became aware of a possible credit card breach at some of its locations after customers reported unusual activity on their payment cards.

Wendy’s claims to have found malware on some their restaurant locations systems that's designed to steal card data. This breach is currently still under investigation and the company says it still does not know how many people are impacted.

While the extent of this breach is still unknown, it has been said that the breach appears to be on track to surpass the damages of the infamous Target and Home Depot breaches.

Dan Berger, CEO of the National Association of Federal Credit Unions, states there was a huge increase in debit card fraud in the weeks prior to Wendy’s breach going public. He claims much of the fraud was later linked to customers who visited Wendy’s locations less than a month prior.

According to Berger, “This is what we’ve heard from three different credit union CEOs in Ohio now: It’s more concentrated and the amounts hitting compromised debit accounts is much higher than what they were hit with after Home Depot or Target. It seems to have been a sophisticated group, in terms of timing and the accounts they targeted. They were targeting and draining debit accounts with lots of money in them.”

The scary part- these criminals don’t even have to know victims PIN numbers to drain the accounts. Most banks and credit unions allow customers to call in through an automated system and change their PINs, using credentials like Social Security numbers, birth dates, and card expiration date to verify the cardholder’s identity. Once the thief has changed the PIN, they use a counterfeit copy of the card to withdraw cash from the accounts at ATMs.

An anonymous credit union CEO stated in an email to Berger, “We have been getting killed lately with debit card fraud. We have already hit half of our normal yearly fraud so far this year, and it’s not even the end of January. After reading this, we reviewed activity on some of our accounts which had fraud on them. The first six we checked had all been to Wendy’s in the last quarter of 2015. All I’m suggesting is that we’re expecting much higher losses lately than we ever did after the Target or Home Depot problems. I think we may end up with 5 to 10 times the loss on this breach, wherever it occurred.”

Berger has claimed that NAFCU’s members are unsure whether they should simply reissue card for any and all customers who visited a Wendy’s location anytime recently, or if they should hold off. Remember, Wendy’s has not even come out and told the public how long this breach lasted, or if the malware is even contained!

October 2015 was the deadline for banks and credit unions to issue more secure means of payment, the EMV chip-based credit & debit cards. While these EMV cards are designed to make stealing credit credentials more difficult & expensive for criminals, without the implementation of the chip-card readers and if not used correctly, the cards will not stop a breach. While it’s not for certain, it seems quite likely that the infected Wendy’s locations were not asking patrons to use the chip card reader and instead swipe using the magnetic stripe.

One thing will always remain the same- criminals will always want to steal your financial information. As cyber criminals grow in sophistication each year, so should your IT environment. POS terminals have been proven to be easy targets for criminals and simply too sensitive to leave them without defense measures implemented. When will you take action?

Start with the implementation of a hardened build standard with precision change detection, coupled with breach detection technology will ensure that even if a breach is successful, you’ll at least be alerted to the fact immediately and be in a position to take action to prevent any card data loss. In addition to abiding by the PCI DSS compliance standards and adopting the latest EMV terminals, companies need to implement true end-to-end encryption and that also includes encrypting any data in the memory.


Read more on PCI DSS Compliance

Read this article on Krebs on Security





The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)

[email protected]

United Kingdom

5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023

 [email protected]
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.