Friday, July 8, 2016

Cyber Attack at Wendy's Affects Area Locations

DUBLIN, Ohio (PRNewswire) - The Wendy's Company (NASDAQ: WEN) updated its customers today regarding malicious cyber activity experienced at some Wendy's® restaurants. The Company first reported unusual payment card activity affecting some franchise-owned restaurants in February 2016. Subsequently, on June 9, 2016, the Company reported that an additional malware variant had been identified and disabled. Today, the Company, on behalf of affected franchise locations, is providing information about specific restaurant locations that may have been impacted by these attacks, all of which are located in the U.S., along with support for customers who may have been affected by the malware variants.
Wendy's customers are encouraged to learn more about this new information at the following address: The update includes a list of restaurant locations that may have been involved in the incidents, as well as information on how customers can protect their credit and details regarding how potentially affected customers can receive one year of complimentary fraud consultation and identity restoration services. A link to the update can also be found on the Company's homepage,
Working closely with third-party forensic experts, federal law enforcement and payment card industry contacts as part of its ongoing investigation, the Company has determined that specific payment card information was targeted by the additional malware variant. This information included cardholder name, credit or debit card number, expiration date, cardholder verification value, and service code.
Generally, individuals that report unauthorized charges in a timely manner to the bank or credit card company that issued their card are not responsible for those charges. As always, in line with prudent personal financial management, we encourage our customers to be diligent in watching for unauthorized charges on their payment cards.
The Company believes the criminal cyber-attacks resulted from service providers' remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees' point-of-sale systems. To date, there has been no indication in the ongoing investigation that any Company-operated restaurants were impacted by this activity.
The Company worked with investigators to disable the malware involved in the first attack earlier this year. Soon after detecting the malware variant involved in the latest attack, the Company identified a method of disabling it and thereafter disabled it in all franchisee restaurants where it was discovered. The investigation has confirmed that criminals used malware believed to have been effectively deployed on some Wendy's franchisee systems starting in late fall 2015.
The Company has continued to update customers on the progress of its investigation, most recently on June 9. Previous updates can be found on

These area Wendy's are among the affected locations, along with the dates each were affected:


  • 2310 S CEDAR ST  11/1/2015 - 2/14/2016

  • Lawrence

  • 601 KASOLD 11/4/2015 - 2/14/2016
  • 523 W. 23RD ST. 11/4/2015 - 2/14/2016
  • Topeka, Kansas

  • 1251 SW GAGE BLVD. 12/2/2015 - 6/8/2016
  • 1820 S.W. WANAMAKER ROAD 12/2/2015 - 6/8/2016
  • 3250 SW TOPEKA BLVD 12/2/2015 - 6/8/2016 

  • As well as several others in the Kansas City/Leavenworth areas and around the country. For a complete list check here

    No comments:

    Post a Comment

    The Baldwin City Gazette welcomes your comments, as long as they are on topic and remain respectful to others. Please no anonymous comments. Comments containing advertising will be marked as spam, this includes links.