Did you know that on December 19, 2019, Wawa had announced a data security incident involving personal and payment card information. Malware began running on in-store payment processing systems as early as March 4, 2019 and was potentially present at all Wawa locations by April 22, 2019.
The malware was discovered on December 10 and blocked within two days. Wawa immediately initiated an investigation, notified law enforcement and payment card companies and engaged a leading external forensics firm to support response efforts.
The information exposed included Credit & Debit card numbers, Expiration dates, and Cardholder names.