Wawa Breach - Data On 30m Card Users For Sale

Uploaded on 2020-02-05 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Financial

The payment card details of more than 30 million Americans, believed to have been stolen in a data breach at convenience store chain Wawa, have been put up for sale on the Dark Web. In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. 

Fraud experts now say the first batch of card data stolen from Wawa customers is being sold at one of the underground’s most popular crime shops, which claims to have 30 million records to peddle from a new nationwide breach of Wawa convenience stores and fuel stations that was first revealed in December.

The Joker’s Stash marketplace, one of the largest and most notorious dark web marketplaces for buying stolen payment card data, has advertised its next major breach since December 2019. The latest advertisement claimed that the cards would go live on January 27, 2020 at 11:00 PM EST. The full collection would include 30 million US records across more than 40 states, as well as over one million non-US records from more than 100 different countries.

While Wawa has the most of its locations in New Jersey and Pennsylvania, according to an anysis by Deep Web experts at Gemini Advisory, the highest exposure of cards currently comes from Wawa locations in Florida, followed by Pennsylvania. Joker’s Stash began advertising in December that it would upload a sizeable collection of US, European and global cards, including geolocation data listing the cardholder’s state, city, and ZIP Code, on Jan. 27. 

The clandestine marketplace boasted that the collection would include 30 million US records across more than 40 states, as well as more than 1 million international records from more than 100 different countries.

While Wawa, which operates mainly in Delaware, Florida, Maryland, New Jersey, Pennsylvania, Virginia and Washington, DC, discovered the breach in December, bad actors were collecting data for almost 10 months using malware on Wawa’s in-store payment processing system, the company said at the time. 

The malware first infected in-store payment processing systems after March 4; by April 22, most store system, more than 850 in total, had been affected.

Overall, the Joker’s Stash collection suggests that the Wawa breach has the dubious honor of being among some of the largest payment-card breaches of all time, joining other, more widely known retail companies. While it remains to be seen the financial affect Wawa will feel from the breach, historically such incidents cost the companies affected a considerable sum of money. 

Home Depot, for instance, lost $40 million in investigation and recovery costs, and eventually agreed to pay $19 million in compensation for the more than 50 million cardholders affected by its 2014 breach. In the 2013 a mega-breach at Target Corp. fraudsters stole roughly 40 million cards of which between one and three million were actually sold.

Wawa says that it is aware the card data has surfaced and that it has alerted its payment processor, card brands, and issuers to "heighten fraud monitoring activities".

PaymentCardsandMobile:      Threatpost:           GeminiAdvisory:      Krebs On Security:   FinExtra

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

 

 

« Industry 4.0 - Changing How We Live
Preparing Your Employees & Business Systems For A Cyber Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Cybercrowd

Cybercrowd

Cybercrowd is a cyber security specialist offering technical services, cyber security assessments, guidance and security thought leadership.

Guy Carpenter

Guy Carpenter

Guy Carpenter delivers a powerful combination of broking expertise, strategic advisory services, and industry-leading analytics.

RedSeal

RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events.

TechVets

TechVets

TechVets is a non-for-profit helping UK veterans and service leavers retrain into Cyber Security and Technology jobs.

LuJam Cyber

LuJam Cyber

LuJam Cyber is a cybersecurity company that provides protection to SME Networks.

Haventec

Haventec

Haventec’s internationally patented technologies reduce cyber risk and enable pervasive trust services with a decentralised approach to authentication.

Taoglas

Taoglas

Taoglas Next Gen IoT Edge software provides a pay as you go platform for customers to connect, manage and maintain their edge devices in an efficient and secure way.

HOBI International

HOBI International

HOBI International is a leading mobile, IT and data center asset management provider with solutions for device management, reverse logistics, data erasure, refurbishment and recycling.

Sky Republic

Sky Republic

Sky Republic offers a Smart Contract Platform to integrate and synchronize business networks beyond EDI and API.

Findcourses.co.uk

Findcourses.co.uk

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

Cybots

Cybots

Cybots is a multinational cyber defence brand founded in Singapore in 2018 to help organizations stay ahead of increasingly sophisticated threats from cyber criminals.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

South West Cyber Resilience Centre (SWCRC)

South West Cyber Resilience Centre (SWCRC)

The South West Cyber Resilience Centre (SWCRC) is led by serving police officers, as part of a not-for-profit partnership with business and academia.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.

Mediatech

Mediatech

Mediatech, specialized in managed Cybersecurity and Cloud services, a single point of contact for your company's IT and infrastructure.