Home Articles Nasty Hackers Breach Wawa, Sell its Info on Dark Web

Nasty Hackers Breach Wawa, Sell its Info on Dark Web

WAWA Corp.Wawa the popular convenience store chain that runs nearly 900 east coast stores and gas stations is the latest big company to fall victim to hackers. The company revealed in December 2019 that it had recently discovered malware that had been operating on its point of sale systems since March 2019.

To make matters worse, experts have now found that a whopping 31 million customers were affected by the hack and that these customers’ personal information is now up for sale on the dark web. Cybercriminals can now buy the financial information of ordinary citizens for anywhere from $17 to $210 and reuse this information in any way they wish.

Wawa’s victims will likely be irked to find that not only is their personal information up for sale but that the breach was entirely preventable in the first place. Philipp Baumann is the CEO of BoomTech Inc. an IT managed provider that specializes in providing cybersecurity to business clients.

He notes that current technology can prevent a whopping 97% of all breaches. Nick Allo from Semtech IT Solutions concurs, stating bluntly that the entire mess could have been avoided and implying that Wawa may not have invested in protecting its network on a zero-trust model with multiple layers. At the same time, it’s worth noting that when Target, like Wawa, experienced a point of sale breach, investigators later found that the breach originated from a third-party contractor that worked with Target and then jumped from that contractor’s computers to Target’s IT network. In any case, it was Target that got the blame and wound up shelling out millions of dollars in settlement fees, a fate that likely awaits Wawa in the not-so-distant future.

What Next?

Condemning Wawa for arguably lax security protocols does nothing to make one’s own business more secure. As Nick Allo accurately points out, the Wawa hack should make all SMBs want to take proactive measures to prevent a data breach. Eric Weast from ECW Network & IT Solutions offers valuable advice on how to do just that. He notes that while anti-virus software and firewalls were sufficient in times past, they aren’t enough today as hackers have tools and technologies to get through these software programs.

Instead, businesses need intrusion detection on the host endpoint itself. Without the right detection and alerting mechanisms, malware can remain dormant on your computer for months on end, causing untold damage before you even know it’s there. Mr. Weast also recommends that companies:

  • Use randomly generated passwords for systems accounts. Sadly, a whopping 86% of passwords are absolutely terrible. Easy-to-guess word and number combinations such as “password1”, “12345”, and “query” are still commonly used by people from all walks of life. Alternatively, many people use the name of a loved one or pet and such information can easily be uncovered by a quick peek at a potential victim’s social media sites.
  • Install limit permissions. All your employees don’t need access to all your data. Limit data to those who absolutely need it to do their jobs. Doing so not only prevents a widespread breach if one employee password falls into the wrong hands but also prevents a disgruntled employee from stealing all your business information on his or her way out.
  • Disable built-in tools that don’t need to run on your workstation systems. Hackers can use tools that you don’t normally use to get into your system and either access your files or lock down your information in a ransomware attack.

Additionally, as Philipp Baumann reports, it’s imperative for companies to have a response plan in place in order to deal with a breach once it’s been discovered. Mr. Baumann points out that most companies focus solely on detection. While this is well and good, it’s not good enough.

Security should not be viewed as a problem to be solved but rather a risk to be managed. Cybercriminals are continually looking for new ways to hack into business computers and the odds are that your business will eventually be targeted. With a good plan, you can not only detect a breach but also immediately take protective measures to protect information and eliminate the malware from your system.

Furthermore, a good response plan will also include plans to assess your system to see which vulnerabilities were exploited by hackers and then strengthen the weak areas so that hackers can’t get into your network again.

It’s easy to pick on Wawa for using lax security protocols that allowed hackers to gain access to their systems and remain undetected on Wawa’s network for nine long months. After all, Visa recently warned Wawa and other, similar companies that hackers were specifically targeting gas stations that continued to use magnetic-stripe credit card readers rather than those equipped to take cards with computer chips.

However, business owners who are concerned about avoiding a similar scenario would do well to realize what went wrong with Wawa’s IT security and look for ways to strengthen their own security protocols to prevent a devastation cyberattack. While it’s not easy to continually stay abreast of cybersecurity best practices, it’s a must for every single company in today’s world.