NJ bank closes debit accounts affected by Wawa breach
WOODBRIDGE — A bank chain in New Jersey closed the debit cards of 2,000 customers who used their cards at Wawa and were affected by the breach at nearly all of Wawa's 850 locations on the East Coast.
The convenience store chain announced before Christmas that its information security team discovered malware on its payment processing servers on Dec. 10 and stopped the breach on Dec 12. The company believes the malware was collecting card numbers, customer names and other data as early as March 4.
The company said it doesn't yet know how many customers were affected. Wawa said it's also unaware of any unauthorized use of credit cards as a result of the breach.
New Brunswick Today reported that a customer received a call on Monday from Northfield's East Brunswick branch informing them that the bank had to close 2,000 debit cards because of the Wawa breach as a "precautionary measure."
Northfield spokesman Damien Kane would not confirm the number of closed cards but said that the Woodbridge-based bank with 40 branches in New Jersey and New York "employs a number of fraud prevention and mitigation methods to protect our customers’ financial data in the event of an external data compromise. When deemed appropriate, as was the case in the Wawa data breach, we will protect our affected customers by issuing new debit cards."
Kane said he could not comment "on items related to our fraud prevention, mitigation and monitoring methods."
At least six lawsuits seeking class-action status against Wawa have been filed in federal court in Philadelphia, according to the Philadelphia Inquirer.
Wawa has said it will offer free credit card monitoring and identity theft prevention services to anyone whose information might have been collected.
Police are investigating, and the company has also hired a forensics firm to conduct an internal investigation.
Material from the Associated Press was used in this report