NATIONWIDE — Popular convenience store and gas station chain Wawa has reported a nationwide data breach involving customer payment information, CEO Chris Gheysens announced Thursday.

  • Malware on Wawa servers impacts customer card information
  • The breach dates back to March 4, ended December 12
  • Wawa said customer credit, debit card info was compromised

In an open letter, Gheysens said Wawa’s security team last week found malware on the chain’s payment processing servers.

The malware affected customers' credit and debit card information at potentially all Wawa locations beginning from March 4 to December 12, when the malware was reportedly “contained.”

The breach has affected customers who used “in-store payment terminals and fuel dispensers.”

Some Wawa locations may not have been affected, according to the letter, but the malware impacted most stores by April 22.

According to Gheysens, the malware no longer poses a risk for those using cards anymore, because the bad software was dealt with. He added that the malware didn't compromise in-store ATMs.

The company said that so far, there have been no reports of unauthorized card use related to the breach.

Wawa encouraged concerned customers to contact its toll-free call center 1-844-386-9559 for assistance.