NewsLocal News


11 Wendy’s locations in Virginia affected in credit card hack

Posted at 7:09 PM, Jul 07, 2016
and last updated 2016-07-07 19:18:36-04

RICHMOND, Va. -- Customers who have eaten at Wendy's restaurant and used a debit or credit card to pay for their food are being encouraged to check their statements and read more information on a cyber breach found at some franchise-owned restaurants.

The following Virginia restaurants have been impacted by the cyber attack using malware:

Richmond: 4609 Williamsburg Rd. between the dates of 1/13/2016 - 6/8/2016.

Ashland: 11550 N. Lakeridge Pkwy. between the dates of 1/13/2016 - 6/8/2016

Fredericksburg:  5801 Plank Rd. between the dates of 12/2/2015 - 6/8/2016

Gordonsville: 441 Market St. between the dates of 1/13/2016 - 6/8/2016

Newport News:

14496 Warwick Blvd. between the dates of 1/13/2016 - 6/8/2016

15492 Warwick Blvd. between the dates of 1/13/2016 - 6/8/2016

12221 Jefferson Ave. between the dates of 1/13/2016 - 6/8/2016


4824 Monticello Ave. between the dates of 1/13/2016 - 6/8/2016

6666 Richmond Rd. between the dates of 1/13/2016 - 6/8/2016

1989 Richmond Rd. between the dates of 1/13/2016 - 6/8/2016

1907 Pocahontas Trail between the dates of 1/13/2016 - 6/8/2016

Here is the complete list of restaurants that may have been impacted by the cyber attack using malware, click for locations near you.

Wendy's Sells Major Stake In Arby's To Private Equity GroupWendy's customers are encouraged to learn more about the cyber attacks at the following address:

"If you have any questions or would like more information, you may call a toll-free number, (866) 779-0485, 8:00 am to 5:30 pm CST, Monday through Friday excluding major holidays to receive additional information regarding accessing the fraud consultation and identity restoration services," Wendy's said in a statement.

The link update includes a list of restaurant locations that may have been involved in the incidents, as well as information on how customers can protect their credit and details regarding how potentially affected customers can receive one year of complimentary fraud consultation and identity restoration services.  A link to the update can also be found on the Company's homepage,

Wendy's Company first reported unusual payment card activity in February 2016, and believes the activity may have occurred as early as October 2015.

Then, on June 9, 2016, company officials reported that an additional malware variant had been identified and disabled.

All of the impacted locations are located in the United States.

"We are committed to protecting our customers and keeping them informed. We sincerely apologize to anyone who has been inconvenienced as a result of these highly sophisticated, criminal cyber attacks involving some Wendy's restaurants," said Todd Penegor, President and Chief Executive Officer. "We have conducted a rigorous investigation to understand what has occurred and apply those learnings to further strengthen our data security measures."

Wendy's said it has worked closely with third-party forensic experts, federal law enforcement and payment card industry contacts, Wendy's determined that the cyber attackers targeted key information in their malware including the cardholder's name, credit or debit card number, expiration date, cardholder verification value, and service code.

"Generally, individuals that report unauthorized charges in a timely manner to the bank or credit card company that issued their card are not responsible for those charges.  As always, in line with prudent personal financial management, we encourage our customers to be diligent in watching for unauthorized charges on their payment cards," Wendy's said in a statement.

The company believes the criminal cyber attacks resulted from service providers' remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees' point-of-sale systems.  To date, there has been no indication in the ongoing investigation that any company-operated restaurants were impacted by this activity.

The Wendy's Company said the malware involved in the first attack earlier this year has been disabled with the help of investigators.

"Soon after detecting the malware variant involved in the latest attack, the Company identified a method of disabling it and thereafter disabled it in all franchisee restaurants where it was discovered. The investigation has confirmed that criminals used malware believed to have been effectively deployed on some Wendy's franchisee systems starting in late fall 2015," Wendy's said.

Click here for a statement from Todd Penegor, President and CEO, The Wendy's Company.