"We are committed to protecting our customers and keeping them informed".
Wendy's list of franchised restaurants impacted by a POS data breach has officially jumped from approximately 300 locations to over 1,000.
Mr. Penegor said, "We have conducted a rigorous investigation to understand what has occurred and apply those learnings to further strengthen our data security measures".
Company officials said the breach may have impacted customers at more than a thousand locations - which is equal to about 20 percent of the company's USA franchises, The Wall Street Journal reported. To aid its clientele, Wendy's has set up a dedicated website for people to check whether a Wendy's restaurant they visited has been affected. On Thursday, Wendy's President and CEO Todd Penegor put out a statement apologizing for the attacks and saying, "As we have reported over the past several months, unfortunately, some Wendy's restaurants have been the victim of malicious cyber activity targeting customers' payment card information".
Wendy's says hackers were able to steal customer's credit and debit card information at 1,025 restaurants, including 18 in Kentucky.
Wendy's first announced it was investigating a possible hack back in January and confirmed the news in February. In June, it said the number of stores hit was considerably greater and that the hacks affected cash registers at the stores. "Soon after detecting the malware variant involved in the latest attack, the company identified a method of disabling it and thereafter disabled it in all franchisee restaurants where it was discovered".
According to the company, the malware was first deployed in late fall 2015 and it was disabled by early spring 2016.
Affected Wendy's customers can receive a free year of fraud consultation and identity restoration services, Patch.com reports.