Skip navigation
Wendy’s investigates possible data breach

Wendy’s investigates possible data breach

Quick-service chain gets reports of “unusual activity”

The Wendy’s Co. is investigating a possible credit card breach at some of its 6,500 restaurants, the company confirmed Wednesday.

A spokesman for the Dublin, Ohio-based quick-service chain said that it had received reports of unusual activity on some customers’ cards and hired a security company to investigate.

“Wendy’s is currently investigating reports of unusual activity involving payment cards at some restaurant locations,” Bob Bertini, a Wendy’s spokesman, said in an email. “Reports indicate fraudulent charges may have occurred elsewhere (other retailers/businesses) after payment cards were legitimately used at some restaurants.”

Bertini said Wendy’s had been working with payment industry contacts since learning of the reports and launched a comprehensive investigation with the help of cyber-security experts.

“We also are fully cooperating with law enforcement authorities,” Bertini said. “Until this investigation is completed, it is difficult to determine with certainty the nature or scope of any potential incident.”

One poster on the KrebsOnSecurity website, which first reported the Wendy’s incident Wednesday, said the unwarranted charges may have been continuing as late as last week.

One KrebsOnSecurity reader noted that on Jan. 20, a fiancé had used a Visa card at a Wendy’s restaurant in Elk Grove, Calif., and “about half an hour later a fraudulent charge was attempted with that card. I discovered this when attempting to use the card early in the afternoon that same day, and the charge was declined.”

Bertini advised customers who might have used credit cards at Wendy’s locations “to be diligent in watching for unauthorized charges on their payment cards,” adding: “Generally, individuals that report unauthorized charges in a timely manner, to the bank that issued their card, are not responsible for those charges.”

KrebsOnSecurity said that it “initially began hearing from banking industry sources about a possible breach at Wendy’s, the reports were coming mainly from financial institutions in the Midwest.” Later, the website heard similar reports from banks on the East Coast.

Wendy’s is the nation’s third-largest quick-service hamburger chain, with franchised and company restaurants in 28 countries and U.S. territories.

Contact Ron Ruggless at [email protected].
Follow him on Twitter: @RonRuggless

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.