Published On: Fri, Jul 8th, 2016
News | By

Local Wendy’s among those hacked





The Wendy’s restaurant in Cherokee is one of over 1,000 nationwide that has been hit by a cyber attack.  The Wendy’s Company released information on Thursday, July 7 stating that patrons using payment cards may be at risk and should take precautions to prevent damages or losses to their accounts.

Wendy’s officials said patrons who dined in the Cherokee restaurant between Dec. 2, 2015 and June 8, 2016 and used a payment card may have been affected.  Malware was discovered on June 9 and disabled.

“Some Wendy’s restaurants have been the victim of malicious cyber activity targeting customers’ payment card information,” Todd Penegor, The Wendy’s Company president and CE), said in a statement on Thursday.  “We sincerely apologize to anyone who has been inconvenienced as a result of these highly sophisticated, criminal cyberattacks.  We have conducted a rigorous investigation to understand what has happened, and we are committed to protecting our customers and keeping you informed.”

The Wendy’s Company is the world's third-largest quick-service hamburger company. The Wendy’s system includes approximately 6,500 franchise and Company-operated restaurants in the United States and 28 countries and U.S. territories worldwide. For more information, visit (PRNewsFoto/The Wendy's Company)

(PRNewsFoto/The Wendy’s Company)

He continued, “We recommend that you remain vigilant for incidents of fraud and identity theft by reviewing credit card account statements and monitoring your credit report for unauthorized activity.”

Information from Wendy’s outlines the situation, “This criminal cyberattack resulted from a service provider’s remote access credentials being compromised, allowing access – and the ability to deploy malware – some franchisee’ POS (point-of-sale) systems.  Soon after detecting the malware, Wendy’s identified a method of disabling it and thereafter has disabled the malware in all franchisee restaurants where it has been discovered.”

The malware targeted the payment card’s data such as cardholder name, card number, expiration date(s), verification value and service code.

Wendy’s stated the company “has worked aggressively with third-party forensic experts and federal law enforcement on this investigation”, and they have established free fraud consultation and identity theft services.

Other area Wendy’s restaurants affected include Cashiers (Nov. 1, 2015 – Feb. 14, 2016) and Murphy (Dec. 2, 2015 – June 8, 2016).

Those patrons who think they may have been affected by this cyberattack are encouraged to contact Wendy’s free fraud service (866) 779-0485 from 8am – 5:30pm (CST) Monday through Friday.  North Carolina residents are also encouraged to contact the N.C. Attorney General’s Office Consumer Protection Division (877) 566-7226,, if they have more questions about identity theft.