If you bought gas or groceries at a Wawa store during this past year, you'd better look over your credit-card statements. If you find anything suspicious, notify your card issuer immediately.
Wawa, the East Coast convenience-store chain that operates more than 800 outlets stretching from New Jersey to Florida, disclosed yesterday (Dec. 19) that its payment-processing systems had been infected by card-stealing malware from March 4 until Dec. 12.
"Although the dates may vary and some Wawa locations may not have been affected at all, this malware was present on most store systems by approximately April 22, 2019," Wawa CEO Chris Gheysens wrote in an open letter to customers posted on the Wawa website. "You will not be responsible for any fraudulent charges on your payment cards related to this incident."
What to do now
If you think one of your payment cards may have been compromised, Wawa has set up a toll-free number to call at 1-844-386-9559.
Wawa has also set up free credit monitoring provided by Experian, which you can sign up for by calling the aforementioned toll-free number or by going to https://www.experianidworks.com/credit and entering the activation code 4H2H3T9H6.
Wawa also urges you to look over your payment-card statements for the past 10 months, and to get a free credit report at AnnualCreditReport.com.
What data was compromised?
The compromised information included:
- Credit and debit card numbers
- Card expiration dates
- Cardholder full names
However, the crooks apparently did NOT get:
- Debit card PINs
- Security codes printed on cards
- Driver's license numbers
What else you need to know
Only cards used at Wawa fuel pumps or in card readers at Wawa convenience-store counters were affected. The ATMs present in Wawa stores were not compromised, and neither were cash transactions.
It's not clear how many individual cardholders may be affected, but the number certainly runs well into the thousands.