In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. Now, fraud experts say the first batch of card data stolen from Wawa customers is being sold at one of the underground’s most popular crime shops, which claims to have 30 million records to peddle from a new nationwide breach.
Now, on the evening of Monday, Jan. 27, a popular fraud bazaar known as Joker’s Stash began selling card data from “a new huge nationwide breach” that purportedly includes more than 30 million card accounts issued by thousands of financial institutions across 40+ U.S. states. Two sources that work closely with financial institutions nationwide tell KrebsOnSecurity the new batch of cards that went on sale Monday evening — dubbed “BIGBADABOOM-III” by Joker’s Stash — map squarely back to cardholder purchases at Wawa.
Exclusive: The 9-month breach last year at Wawa filling stations may have compromised >30 million payment cards, the first batch of which just went up for sale in the cybercrime underground. https://t.co/8J4AgrXifB pic.twitter.com/U4mv40E6mx
— briankrebs (@briankrebs) January 28, 2020
Experts Comments
Linkedin Message
@Robert Capps, VP , provides expert commentary at @Information Security Buzz.
"Many retailers and are suffering from PoS attacks as hackers deploy malware within the merchant payment ecosystem...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Facebook Message
@Robert Capps, VP , provides expert commentary at @Information Security Buzz.
"Many retailers and are suffering from PoS attacks as hackers deploy malware within the merchant payment ecosystem...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Linkedin Message
@Stuart Sharp, VP of Solution Engineering, provides expert commentary at @Information Security Buzz.
"Whether or not these readers would have prevented the attack...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Facebook Message
@Stuart Sharp, VP of Solution Engineering, provides expert commentary at @Information Security Buzz.
"Whether or not these readers would have prevented the attack...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Linkedin Message
@Sam Curry, Chief Security Officer, provides expert commentary at @Information Security Buzz.
"Explanations for breaches of this sort in the payment card and financial services demand a little more than a form letter and business as usual. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Facebook Message
@Sam Curry, Chief Security Officer, provides expert commentary at @Information Security Buzz.
"Explanations for breaches of this sort in the payment card and financial services demand a little more than a form letter and business as usual. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Linkedin Message
@James McQuiggan, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"Granted, it\'s a huge overhaul of all the POS systems at gas stations to get them upgraded to the new secure readers...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Facebook Message
@James McQuiggan, Security Awareness Advocate, provides expert commentary at @Information Security Buzz.
"Granted, it\'s a huge overhaul of all the POS systems at gas stations to get them upgraded to the new secure readers...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Be part of our growing Information Security Expert Community (1000+), please register here.
Linkedin Message
@Mark Bell, Managing Director, provides expert commentary at @Information Security Buzz.
"It’s hard to understand how a breach of this magnitude is still occurring in today’s card-present security environment. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards
Facebook Message
@Mark Bell, Managing Director, provides expert commentary at @Information Security Buzz.
"It’s hard to understand how a breach of this magnitude is still occurring in today’s card-present security environment. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-analysis-of-wawa-breach-potentially-compromised-30-million-payment-cards