You've been redirected from to In March 2021, Mobile Payments Today became a part of Payments Dive. For the latest payments news, sign up for the daily newsletter.

Wendy's malware problems may be much bigger than originally thought

The Wendy's Company said its problems with malicious cyber-activity are more extensive than originally thought and could involve many more than the original 300 restaurants thought involved in the attack, after news reports of the breach that started in January.

In May the company announced that malware had been found in the POS at hundreds of North American franchised restaurants. 

This week, company representatives said more problems have been found as a part of a continuing probe into unusual credit card activity at some restaurants. Reports indicated that payment cards used legitimately at Wendy's may have been used fraudulently elsewhere. Likewise, the company said it has also found a variant of the originally detected malware in the system that works differently than the one originally uncovered. The malware has been disabled in the restaurant systems where it’s been detected, but the company said it’s extremely difficult to detect.

A company news release said that investigators believe the attackers remotely accessed the point-of-sale system that they originally thought hadn't been affected. None of the chain's company-operated restaurants appear to be affected, but a news release said that there were many more franchised locations attacked than investigators first thought in May. 

Wendy's said that many of its franchise operators use a third-party service for their POS programs, which apparently served as a point of entry for the cyber-criminals. Investigators believe cyber-attackers used those vendors remote access credentials to get into the restaurants' systems.  

Wendy's has established a toll-free number (888-846-9467) and email address for customers to use for inquiries. The company has 6,500 locations worldwide.