30 Million Credit Cards Leaked in the Biggest Wawa Breach to Date

30 Million Credit Cards Leaked in the Biggest Wawa Breach to Date Featured Image
Bojan Jovanovic Image

January 30,2020

DataProt is supported by its audience. When you buy through links on our site, we may earn a commission. This, however, does not influence the evaluations in our reviews. Learn More.

Credit card details of over 30 million Americans are being sold on the dark web following a massive data breach at convenience chain store Wawa.   

Gemini Advisory, a New York-based fraud intelligence firm, revealed that the data was being uploaded to the Joker’s Stash site. The dump has been linked to a Wawa breach, which was discovered in December. 

However, the attackers have reportedly been inside the network since last March, uploading malware to Wawa’s servers and abusing a security hole in the company’s in-store payment processing system. According to Gemini Advisory, more than 850 systems have been infected so far.

The stolen card details are now being sold for roughly $17 a piece, and some are bringing in as much as $210.

Wawa said in a statement that it was working closely with federal law enforcement in their ongoing investigation while trying to enhance protections of customer information.  While in this case individual users weren't at fault, it's still wise to keep CC security practices in mind when using them, both offline and online.

This is one of the largest payment processing breaches in the past decade. It remains to be determined how much Wawa will pay in damages, but some believe the  financial blow could be as high as $50 million. 

There are no comments yet
Leave your comment

Your email address will not be published.*