Security News > 2020 > January > Wawa Breach May Have Affected More Than 30 Million Customers

A recent dump of payment card information being sold on a popular online fraud marketplace suggests that more than 30 million payment cards may have been affected by a malware attack and data breach at Wawa convenience stores and gas stations that was first revealed in December.

The marketplace boasted that the collection would include 30 million U.S. records across more than 40 states, as well as more than 1 million international records from more than 100 different countries, researchers wrote.

Overall, the Joker's Stash collection suggests that the Wawa breach has the dubious honor of being among some of the largest payment-card breaches of all time, joining other, more widely known retail companies, according to Gemini researchers.

"It is comparable to Home Depot's 2014 breach exposing 50 million customers' data or to Target's 2013 breach exposing 40 million sets of payment card data," Alforov and Thomas wrote.

Home Depot lost $43 million in investigation and recovery costs, and eventually agreed to pay $19.5 million in compensation for the more than 50 million cardholders affected by its 2014 breach.

News URL

https://threatpost.com/wawa-breach-30-million-customers/152328/