Wawa Breach - Data On 30m Card Users For Sale

The payment card details of more than 30 million Americans, believed to have been stolen in a data breach at convenience store chain Wawa, have been put up for sale on the Dark Web. In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. 

Fraud experts now say the first batch of card data stolen from Wawa customers is being sold at one of the underground’s most popular crime shops, which claims to have 30 million records to peddle from a new nationwide breach of Wawa convenience stores and fuel stations that was first revealed in December.

The Joker’s Stash marketplace, one of the largest and most notorious dark web marketplaces for buying stolen payment card data, has advertised its next major breach since December 2019. The latest advertisement claimed that the cards would go live on January 27, 2020 at 11:00 PM EST. The full collection would include 30 million US records across more than 40 states, as well as over one million non-US records from more than 100 different countries.

While Wawa has the most of its locations in New Jersey and Pennsylvania, according to an anysis by Deep Web experts at Gemini Advisory, the highest exposure of cards currently comes from Wawa locations in Florida, followed by Pennsylvania. Joker’s Stash began advertising in December that it would upload a sizeable collection of US, European and global cards, including geolocation data listing the cardholder’s state, city, and ZIP Code, on Jan. 27. 

The clandestine marketplace boasted that the collection would include 30 million US records across more than 40 states, as well as more than 1 million international records from more than 100 different countries.

While Wawa, which operates mainly in Delaware, Florida, Maryland, New Jersey, Pennsylvania, Virginia and Washington, DC, discovered the breach in December, bad actors were collecting data for almost 10 months using malware on Wawa’s in-store payment processing system, the company said at the time. 

The malware first infected in-store payment processing systems after March 4; by April 22, most store system, more than 850 in total, had been affected.

Overall, the Joker’s Stash collection suggests that the Wawa breach has the dubious honor of being among some of the largest payment-card breaches of all time, joining other, more widely known retail companies. While it remains to be seen the financial affect Wawa will feel from the breach, historically such incidents cost the companies affected a considerable sum of money. 

Home Depot, for instance, lost $40 million in investigation and recovery costs, and eventually agreed to pay $19 million in compensation for the more than 50 million cardholders affected by its 2014 breach. In the 2013 a mega-breach at Target Corp. fraudsters stole roughly 40 million cards of which between one and three million were actually sold.

Wawa says that it is aware the card data has surfaced and that it has alerted its payment processor, card brands, and issuers to "heighten fraud monitoring activities".

PaymentCardsandMobile:      Threatpost:           GeminiAdvisory:      Krebs On Security:   FinExtra

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

 

 

« Industry 4.0 - Changing How We Live
Preparing Your Employees & Business Systems For A Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

WEBINAR: 2024 and Beyond: Top Six Cloud Security Trends

April 4, 2024 | 11:00 AM PT: Join this webinar to find out about six emerging trends dominating the cloud cybersecurity landscape.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

Open Networking Foundation (ONF)

Open Networking Foundation (ONF)

The Open Networking Foundation (ONF) is a non-profit operator led consortium driving transformation of network infrastructure and carrier business models.

Axial

Axial

Axial Systems is one of the UK’s leading solution providers and systems integrators in network, security and services.

Apomatix

Apomatix

Apomatix is a platform that simplifies the complexity of cyber risk audit and management.

Cobalt Strike

Cobalt Strike

Cobalt Strike is penetration testing software designed to execute targeted attacks.

Security University

Security University

Security University is a leading provider of Qualified Hands-On Cybersecurity Education, Information Assurance Training and Certifications for IT and Security Professionals.

ShiftLeft

ShiftLeft

ShiftLeft is a continuous application security platform, purpose-built for the modern software development life cycle.

Security Innovation Network (SINET)

Security Innovation Network (SINET)

SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration.

Systems Assessment Bureau (SAB)

Systems Assessment Bureau (SAB)

Systems Assessment Bureau is an internationally recognized ISO Certification Body with a unique vision of “Excel together with global standards”.

Prism Infosec

Prism Infosec

Prism Infosec is an award-winning independent cyber security consultancy, CREST STAR, NCSC CHECK member, CAA ASSURE audit provider and PCI Qualified Security Assessor.

Netox

Netox

Netox is a comprehensive IT service provider that combines IT support services, IT solutions and specialist services; specializing in cybersecurity solutions.

Serbus

Serbus

Serbus Secure is a fully managed suite of secure communication, enterprise mobility and mobile device security tools.

Anchor Technologies Inc (ATI)

Anchor Technologies Inc (ATI)

Anchor provides a full spectrum of cybersecurity services assisting our clients with all aspects of cybersecurity risk planning, identification, management, and monitoring.

eMudhra

eMudhra

eMudhra is a leader in Identity and Transaction Management Solutions.

SignMyCode

SignMyCode

SignMyCode is a one-stop shop for trusted and authentic code signing solutions to safeguard software.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.