U.S. fast food chain Wendy’s last week announced a $50 million settlement with financial institutions that suffered losses during a data breach that ran from October 2015 through June 2016. The settlement agreement, which is subject to court approval, follows last year’s $3.4 million settlement with customers.
Affecting an estimated 1,000 restaurants, 7,500 financial institutions, and 18 million payment cards, the breach involved malware designed to steal payment card information — including names, card numbers, expiration dates and security codes — from point-of-sale systems. If the settlement is approved by the court, payments are expected to be made in late 2019.