In late 2015, The Wendy's Company suffered a data breach caused by malware infiltrating its point-of-sale (POS) systems. The incident originated from compromised remote access credentials belonging to third-party service providers, allowing attackers to deploy malware across certain franchise locations. The breach specifically targeted customer payment card information, exposing sensitive financial data between **December 2, 2015**, and **May 18, 2016**. While the exact number of affected customers was not disclosed in the initial report, the California Office of the Attorney General confirmed the breach’s severity due to the potential for fraudulent transactions and financial harm to customers. The attack highlighted vulnerabilities in third-party vendor security practices and the risks associated with remote access to critical payment infrastructure. Wendy’s subsequently worked with cybersecurity firms to contain the breach, remove the malware, and enhance security protocols to prevent future incidents. The incident underscored the broader threat landscape facing retail and hospitality sectors, where POS systems remain prime targets for cybercriminals seeking financial data.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-62870
TPRM report: https://www.rankiteo.com/company/wendys-international
"id": "wen225082125",
"linkid": "wendys-international",
"type": "Breach",
"date": "12/2015",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Fast Food / Restaurant',
'location': 'United States (specific franchise '
'locations)',
'name': "The Wendy's Company",
'type': 'Franchise (selected locations)'}],
'attack_vector': 'Malware on POS systems via compromised remote access '
'credentials',
'data_breach': {'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Payment card information']},
'date_publicly_disclosed': '2016-07-15',
'description': 'The California Office of the Attorney General reported that '
"The Wendy's Company experienced a data breach involving "
'malware on point-of-sale (POS) systems starting from late '
'fall 2015. The breach was linked to compromised remote access '
'credentials from service providers, potentially compromising '
'customer payment card information. The incident affected some '
'franchise locations, with specific impact dates noted as '
'December 2, 2015, and May 18, 2016.',
'impact': {'data_compromised': ['Customer payment card information'],
'identity_theft_risk': 'Potential (due to payment card data '
'exposure)',
'payment_information_risk': 'High (payment card data compromised)',
'systems_affected': ['Point-of-sale (POS) systems']},
'initial_access_broker': {'entry_point': 'Compromised remote access '
'credentials from third-party '
'service providers',
'high_value_targets': ['POS systems']},
'references': [{'date_accessed': '2016-07-15',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'title': "Wendy's Company Data Breach via Malware on Point-of-Sale Systems",
'type': 'Data Breach',
'vulnerability_exploited': 'Compromised remote access credentials from '
'third-party service providers'}