Wawa Breach - Data On 30m Card Users For Sale

The payment card details of more than 30 million Americans, believed to have been stolen in a data breach at convenience store chain Wawa, have been put up for sale on the Dark Web. In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. 

Fraud experts now say the first batch of card data stolen from Wawa customers is being sold at one of the underground’s most popular crime shops, which claims to have 30 million records to peddle from a new nationwide breach of Wawa convenience stores and fuel stations that was first revealed in December.

The Joker’s Stash marketplace, one of the largest and most notorious dark web marketplaces for buying stolen payment card data, has advertised its next major breach since December 2019. The latest advertisement claimed that the cards would go live on January 27, 2020 at 11:00 PM EST. The full collection would include 30 million US records across more than 40 states, as well as over one million non-US records from more than 100 different countries.

While Wawa has the most of its locations in New Jersey and Pennsylvania, according to an anysis by Deep Web experts at Gemini Advisory, the highest exposure of cards currently comes from Wawa locations in Florida, followed by Pennsylvania. Joker’s Stash began advertising in December that it would upload a sizeable collection of US, European and global cards, including geolocation data listing the cardholder’s state, city, and ZIP Code, on Jan. 27. 

The clandestine marketplace boasted that the collection would include 30 million US records across more than 40 states, as well as more than 1 million international records from more than 100 different countries.

While Wawa, which operates mainly in Delaware, Florida, Maryland, New Jersey, Pennsylvania, Virginia and Washington, DC, discovered the breach in December, bad actors were collecting data for almost 10 months using malware on Wawa’s in-store payment processing system, the company said at the time. 

The malware first infected in-store payment processing systems after March 4; by April 22, most store system, more than 850 in total, had been affected.

Overall, the Joker’s Stash collection suggests that the Wawa breach has the dubious honor of being among some of the largest payment-card breaches of all time, joining other, more widely known retail companies. While it remains to be seen the financial affect Wawa will feel from the breach, historically such incidents cost the companies affected a considerable sum of money. 

Home Depot, for instance, lost $40 million in investigation and recovery costs, and eventually agreed to pay $19 million in compensation for the more than 50 million cardholders affected by its 2014 breach. In the 2013 a mega-breach at Target Corp. fraudsters stole roughly 40 million cards of which between one and three million were actually sold.

Wawa says that it is aware the card data has surfaced and that it has alerted its payment processor, card brands, and issuers to "heighten fraud monitoring activities".

PaymentCardsandMobile:      Threatpost:           GeminiAdvisory:      Krebs On Security:   FinExtra

You Might Also Read:

Why Is Retail Cyber Security So Weak?:

 

 

 

« Industry 4.0 - Changing How We Live
Preparing Your Employees & Business Systems For A Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Atlantic Council

Atlantic Council

The Atlantic Council's Cyber Statecraft Initiative focuses on international cooperation, competition, and conflict in cyberspace.

Centre for International Governance Innovation (CIGI)

Centre for International Governance Innovation (CIGI)

CIGI research areas include Conflict Management & Security which encompass cyber security and cyber warfare.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

IDnext

IDnext

IDnext is the open and independent platform to support innovative approaches in the world of the Digital identity.

Malware Patrol

Malware Patrol

Malware Patrol provides intelligent threat data that protects against cyber attacks.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

SCIS Security

SCIS Security

SCIS Security provides affordable cyber security services and solutions to small to medium sized businesses and homes.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

Axiomtek

Axiomtek

Axiomtek is a leading design and manufacturing company in the industrial computer and embedded field.

TechStak

TechStak

TechStak is the easiest way for businesses to find and connect with IT Pros and other technology solution providers in their area.

Squad

Squad

Squad provides leading expertise to ensure protection against the most complex cyber threats. Combining the best practices of DevOps and Cybersecurity, we are committed to create a secured cyber space

QA Consultants

QA Consultants

QA Consultants is North America’s largest software quality engineering services firm, an award-winning onshore provider of software testing and quality assurance solutions.

Numen Cyber Technology

Numen Cyber Technology

Numen Cyber Technology is committed to becoming a Threat Discovery and Response expert for corporate customers.

Keytos

Keytos

Keytos has revolutionized the Identity Management and PKI industry by creating cryptographic tools that allow you to go password-less by making security transparent to the user.

Praxis Security Labs

Praxis Security Labs

Praxis Security Labs is a research driven cybersecurity company that helps our customers to reduce risk and improve security.

CyberCure

CyberCure

CyberCure provide specialised roles and services to manage your organisations cybersecurity requirements and professional advisory services in governance, risk and compliance.