CHOCTAW, Okla.– 1025 Wendy’s franchise-owned restaurants were impacted by “highly sophisticated, criminal cyberattacks” the company announced Thursday.
Critical information that included the cardholder’s name, card number, expiration date, verification number (cvv), and service code were stolen.
One of the 1025 restaurants affected was the Wendy’s in Choctaw, Oklahoma.
Customers who used a card at the impacted location from December 2, 2015 to June 8, 2016 should monitor their accounts for unauthorized charges.
You can check the full list of impacted restaurants here.
Initially, the company said the attack had affected less than 300 restaurants.
However, on Thursday, officials said they had “discovered a variant of the malware… affecting additional franchise locations,” and expanded the impacted locations to 1025.
“We are committed to protecting our customers and keeping them informed. We sincerely apologize to anyone who has been inconvenienced,” said Todd Penegor, Wendy’s president and chief executive officer.
“We have conducted a rigorous investigation to understand what has occurred and apply those learnings to further strengthen our data security measures,” Penegor stated.