Wendy's Admits Almost 350 Stores Hit In POS Attack

On Wednesday (May 11), Wendy's said that "fewer than 300 of approximately 5,500 franchised North America Wendy's restaurants" had malware in their POS systems and another "approximately 50 franchise restaurants are suspected of experiencing, or have been found to have, unrelated cybersecurity issues." This comes on the heels of a lawsuit that accused Wendy's of a wide range of IT security shortcomings.

In the new statement, Wendy's did not identify which POS was impacted, but it strongly implied that new Aloha POS systems-currently being installed throughout the company, with the stated goal of full deployment by "year-end 2016"-were not infected. Wendy's "has worked aggressively with its investigator to identify the source of the malware and quantify the extent of the malicious cyber-attacks, and has disabled and eradicated the malware in affected restaurants. The Company continues to work through a defined process with the payment card brands, its investigator and federal law enforcement authorities to complete the investigation," Wendy's said.