Food chain Wendy's hit by massive hack
Source: BBC
Popular US food chain Wendy's has been hit by a massive cyber attack, the company has confirmed.
The company reported suspicious activity earlier this year, but the scale of the breach is far bigger than first anticipated.
At least 1,025 of its restaurants were targeted - with debit and credit card information stolen.
The company did not speculate how many people may have been affected, though it did say all of the locations were in the US.
[font size=1]-snip-[/font]
Read more: http://www.bbc.com/news/technology-36742599
Dave Lee
North America technology reporter
8 July 2016 Technology
scscholar
(2,902 posts)analyst for restaurants, I'm simply stunned. Even the ones we bought a couple of months ago in Caracas, didn't keep credit card numbers!
Kelvin Mace
(17,469 posts)is a better set up. The merchant never gets your CC number.
silvershadow
(10,336 posts)to keep up. Now that I know this, I may look into it.
Kelvin Mace
(17,469 posts)silvershadow
(10,336 posts)whatever the word is. I guess I just need to take a few minutes to read about it. I just recently had two different cards reissued to me at my bank's notification. Seems I (and by I, I mean "they" have been hacked, or rather a merchant I used it at had been.
Kelvin Mace
(17,469 posts)When you pay for something the phone give the merchant a one time use token for $x and the merchant presents the token to the bank for payment. The merchant never gets your name, card number, or anything else, only the digital token.
George II
(67,782 posts)....states.
If it's an American Express card, the owner has zero liability. Others have something like $50 or $100 limits.
Debit cards may be another story, but even with them most banks have pretty good security coverage.
progree
(10,909 posts)more, often more like $40).
I had my credit card hacked a few years ago (the card was from Chase FWIW). I found out about it when Chase called me and asked me if I had recently been to a certain hotel in New Hampshire. Nope. They said they were freezing my account and sending me a new card in overnight mail, with a new account number.
PROBLEM: I had about 12 entities like utilities that are auto-paid off that card. So I have to go to each one of their websites and change the card number. Every website is different, and some of them can be hard to find that information, or I no longer can log in because its been ages since I've logged in, so I have to go through a dance. Calling the entities phone numbers might be easier sometimes, but there's being on hold, getting transferred around etc. Anyway, I figured that project took 4-6 hours.
Now I have two credit cards -- a "wild" one that I use for online shopping, and in stores and restaurants. The other one is dedicated just for recurring billing. And I never take it with me anywhere. With the thought that the recurring billing one is a lot less likely to be compromised than the "wild" one.
Oh, one thing that was nice about Chase was they said they would continue paying the recurring billing entities for 90 days or something like that. So I had 90 days to make the changes.
As for debit cards, I hear it is just a bad idea to use them, unless you can bear to have the checking account that it is attached to frozen. And to get new checkbooks, sigh. I only use my debit card for ATM (and yes I've heard of ATM skimmers)
And I like credit cards much better, since I have 20 or 30 or whatever days to pay it, and its so nice too that its all lumped together into one payment. Whereas when I use my debit card, my checking account is dunned immediately.
shenmue
(38,506 posts)They suck.
Crash2Parties
(6,017 posts)"Malware - malicious software - had been installed on point-of-sale systems in the affected locations."
"Wendy's has blamed a third-party for the intrusion, saying a "service provider" that had remote access to the till systems was compromised. "
So someone hit the third party "partner" that Wendy's subcontracts to run their POS so they don't have to handle it in house and it was that company that actually was hacked? And then it was used to put code on the actual POS systems that collected CC info? That would imply a rather direct path from the POS systems to the Internet...no?
Rex
(65,616 posts)THIS is the reason I use cash. THIS.