It hasn’t been long since we heard of the Wawa card breach following a malware attack. Now, the attackers have also put up the stolen data online for sale. This new data dump revealed the huge impact of the incident since the data for sale includes 30 million records.
Wawa Card Breach – Data Put On Sale
In December 2019, Wawa Stores became a victim of a massive POS malware campaign attacking different targets. The malware continued to run on the store’ POS at different locations for about nine months. And, during this time, the malware pilfered comprehensive payment card data of the users.
While, at that time, the extent of the attack remained unveiled. However, it now appears that it at least lost 30 million records to the attackers.
According to a recent report from Brian Krebs, starting this week, the popular fraud website in the underground world, Joker’s Stash, advertised a huge data dump. Boasted as ‘BIGBADABOOM-III’, the data dump included more than 30 million records from a ‘nationwide breach’. Krebs could further trace the data back to the Wawa data breach.
According to a recent press release, Wawa has confirmed the appearance of stolen data online for sale. They have also elaborated on their collaboration with financial institutions over the matter.