RSS   Newsletter   Contact   Advertise with us

Wendy’s finds more malware, raises number of restaurants affected

Staff writer ▼ | June 10, 2016
The Wendy's Company said additional malicious cyber activity has recently been discovered in some franchise-operated restaurants. The company has disabled the malware where it has been detected.
Data security   An additional 50 franchise restaurants were attacked
This is the result of the company's continuing investigation into unusual credit card activity at some Wendy's restaurants. Reports indicate that payment cards used legitimately at Wendy's may have been used fraudulently elsewhere.

Based on the preliminary findings of the previously-disclosed investigation, the company reported on May 11 that malware had been discovered on the point of sale (POS) system at fewer than 300 franchised North America Wendy's restaurants.

An additional 50 franchise restaurants were also suspected of experiencing, or had been found to have, other cybersecurity issues. As a result of these issues, the company directed its investigator to continue to investigate.

In this continued investigation, the company has recently discovered a variant of the malware, similar in nature to the original, but different in its execution. The attackers used a remote access tool to target a POS system that, as of the May 11th announcement, the Company believed had not been affected.

This malware has been discovered on some franchise restaurants' POS systems, and the number of franchise restaurants impacted by these cybersecurity attacks is now expected to be considerably higher than the 300 restaurants already implicated.

To date, there has been no indication in the ongoing investigation that any company-operated restaurants were impacted by this activity.