x
Breaking News
More () »

6 Wendy’s locations in Connecticut among 1000 affected in credit card hack

Customers who have eaten at Wendy’s restaurant and used a debit or credit card to pay for their food are being encouraged to check their statements and re...
Wendy’s

Customers who have eaten at Wendy's restaurant and used a debit or credit card to pay for their food are being encouraged to check their statements and read more information on a cyber breach found at some franchise-owned restaurants.

The following restaurants may have been impacted by the cyber attack using malware, click for locations near you.

Here are a list of impacted Connecticut locations:

  • Bridgeport: 2162 Fairfield Avenue
  • Greenwich: 460 West Putnam
  • Norwalk:
    • 67 New Californiana Avenue
    • 496 Connecticut Avenue
  • Shelton: 84 Bridgeport Avenue
  • Stratford: 1105 Main Street

Wendy's Company first reported unusual payment card activity in February 2016, and believes the activity may have occurred as early as October 2015.  Then, on June 9, 2016, company officials reported that an additional malware variant had been identified and disabled.

All of the impacted locations are located in the United States. With more than 1,000 locations impacted, that's 17.5 percent of all U.S. Wendy's restaurants.

Wendy's customers are encouraged to learn more about the cyber attacks at the following address: www.wendys.com/notice.  The link update includes a list of restaurant locations that may have been involved in the incidents, as well as information on how customers can protect their credit and details regarding how potentially affected customers can receive one year of complimentary fraud consultation and identity restoration services.  A link to the update can also be found on the Company's homepage, www.wendys.com.

"We are committed to protecting our customers and keeping them informed. We sincerely apologize to anyone who has been inconvenienced as a result of these highly sophisticated, criminal cyber attacks involving some Wendy's restaurants," said Todd Penegor, president and CEO. "We have conducted a rigorous investigation to understand what has occurred and apply those learnings to further strengthen our data security measures."

Wendy's said it has worked closely with third-party forensic experts, federal law enforcement and payment card industry contacts. Wendy's determined that the cyber attackers targeted key information in their malware including the cardholder's name, credit or debit card number, expiration date, cardholder verification value, and service code.

"Generally, individuals that report unauthorized charges in a timely manner to the bank or credit card company that issued their card are not responsible for those charges.  As always, in line with prudent personal financial management, we encourage our customers to be diligent in watching for unauthorized charges on their payment cards," Wendy's said in a statement.

The company believes the criminal cyber attacks resulted from service providers' remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees' point-of-sale systems.  To date, there has been no indication in the ongoing investigation that any company-operated restaurants were impacted by this activity.

The Wendy's Company said the malware involved in the first attack earlier this year has been disabled with the help of investigators.

"Soon after detecting the malware variant involved in the latest attack, the Company identified a method of disabling it and thereafter disabled it in all franchisee restaurants where it was discovered. The investigation has confirmed that criminals used malware believed to have been effectively deployed on some Wendy's franchisee systems starting in late fall 2015," Wendy's said.

Click here for a statement from Todd Penegor, president and CEO of The Wendy's Company.

Before You Leave, Check This Out