WaWa, a convivence store chain based in Pennsylvania, has announced that it was the victim of a malware attack. The attack was discovered on December 10th and stopped on the 12th. The malware infected its payment processing servers and is believed to have collected payment card numbers, customer names, and other data as early as March 4th of this year. The breach affected all of its 850 locations and included the in-store and fuel dispenser payments. The company stated that it does not know how many customers were affected but they are working with law enforcement and a forensics firm to conduct the investigation. WaWa did state that they are notifying customers and offering free credit and identity theft monitoring services.
With all the news around COVID-19/Coronavirus, the average person is turning to the internet for