We’re always warning you about the latest data breaches — and for good reason. If you are the victim of a breach, you need to act fast before criminals do too much damage.
Many of the data breaches we report are ones that put your financial information at risk when scammers steal payment information from popular websites. Tap or click here to learn about a recent Facebook breach impacting millions. Due to the constant warnings, many overlook how serious online breaches are.
But what about breaches that put your banking information at risk from retailers you visit in person? This does happen from time to time and unfortunately, we just learned about a recent occurrence. A massive data breach at a popular grocery chain has put hundreds of thousands of customers’ payment information at risk.
Has your credit card data been breached?
Have you ever shopped at WaWa? It’s a chain of popular convenience stores and gas stations, mostly along the east coast. This week the company announced it discovered a data breach, potentially impacting hundreds of thousands of customers.
Here’s what happened according to WaWa: At different points in March of this year, malware began running on its in-store payment processing systems at potentially all WaWa locations.
The malware was present on most store systems by approximately April 22, 2019. WaWa’s information security team identified the malware on Dec. 10, and by Dec. 12 the malware was blocked and contained.
But that means the malware went unchecked for nearly nine months, and anyone who shopped at WaWa could be affected.
Here is a list of information that was potentially stolen:
- Credit and debit card numbers
- Expiration dates
- Cardholder names
This malware affected payment card information at potentially all WaWa in-store payment terminals and fuel dispensers. At this point, the company said PIN codes, card CW2 numbers and driver’s license information used to verify age-restricted purchases were not affected.
If you used a debit or credit card at any WaWa location between March and Dec. 10, you’ll want to keep reading to find out what to do next.
What to do if you were part of this breach
If there is a chance your credit card data is part of this breach, there are security steps you can take. Here are some suggestions from WaWa:
- Register for Identity Protection Services – WaWa and Experian have teamed up to provide potentially impacted customers with one year of identity theft protection and credit monitoring at no charge to customers. To enroll, visit the Experian IdentityWorks website by tapping or clicking here. You’ll need to provide the following activation code: 4H2H3T9H6. Or, you can call Experian’s customer care team at 1-844-386-9559 (Monday – Friday between 9 a.m. and 9 p.m. Eastern, or Saturday between 11 a.m. and 8 p.m.) and you’ll need the same activation code.
- Check your bank card statements – Whenever your banking information is potentially breached, you must keep an eye on your accounts. If you see any suspicious activity, immediately report it to your financial institution. Federal law and credit card rules state customers who notify their card company in a timely manner upon discovering fraudulent charges will not be responsible for those charges.
- Look over your credit report – If you enroll in the Experian service being offered, you will have access to any activity on your credit report. Also, under U.S. law you are entitled to one free credit report annually from each of the three consumer reporting agencies. Tap or click here to learn how to get yours.
When companies like WaWa get hit by a breach, they typically offer some type of remedy like the ones we just listed. In all cases, you still need to do your part by staying vigilant. Checking your credit report and always keeping an eye on bank statements can help stop fraudsters in their tracks before the damage gets too far.