Estimated read time: 2-3 minutes
This archived news story is available only for your personal, non-commercial use. Information in the story may be outdated or superseded by additional information. Reading or replaying the story in its archived form does not constitute a republication of the story.
SALT LAKE CITY — Thirteen Wendy’s Utah locations were among the more than 1,000 of the fast food franchise’s locations hacked as a part of a credit and debit card breach first detected in February.
“Some Wendy’s restaurants have been the victim of malicious cyber activity targeting customers’ payment card information. We sincerely apologize to anyone who has been inconvenienced as a result of these highly sophisticated, criminal cyber attacks,” Wendy’s president and CEO Todd Penegor wrote in a statement posted on the company’s website Thursday.
The hack comprised various data information, including cardholder names, credit or debit number, expiration date, cardholder verification value and service code, according to the company.
Of the locations affected in Utah, two were in Orem. The breaches in both Orem locations, as well as locations in Provo, Payson, Spanish Fork and Springville, began on Nov. 1, 2015. The breach lasted until Feb. 9 this year in Springville and Feb. 14 for the Orem, Provo, Payson and Spanish Fork locations.
The breach period for the other seven locations in Beaver, Heber City, Kanab, Lehi, Nephi, Richfield and Tooele were between Jan. 13 and June 8 this year.
Those locations are:
- Beaver: 625 W. 1400 North
- Heber City: 800 S. Main St.
- Kanab: 301 S. Fairway Drive.
- Lehi: 47 S. 850 East.
- Nephi: 830 E. 100 North.
- Orem: 835 W. 1200 South and 1444 S. State St.
- Payson: 1522 W. 800 South
- Provo: 1066 S. University Ave.
- Richfield: 1050 W. 1250 South
- Spanish Fork: 929 E. 800 North
- Springville: 1739 W. 400 South
- Tooele: 975 N. Main St.
Penegor said the company became aware of the issue in February with some locations, but found out in June that more locations were affected.
“We believe that both criminal cyber attacks resulted from service providers’ remote access credentials being compromised, allowing access — and the ability to deploy malware — to some franchisees’ point-of-sale systems,” he wrote. Malware detected at each of the locations affected was disabled by June 9.
Penegor added the company is offering free fraud consultation and identity restoration services to those affected for the next year.
Those affected or may have been affected by the hack are urged to contact Wendy’s with its toll-free number 866-779-0485. Those who may have further questions also are urged to call that number.
