The Wash Tub is notifying customers of a year-long payment card breach:
San Antonio (November 12, 2020) – The Wash Tub is notifying customers of an incident that has been recently identified and addressed involving a suspected data breach that occurred September 2019 through October 2020.
The Wash Tub was recently notified of suspicious activity on payment cards that had been used at various Wash Tub locations. Upon this notice, The Wash Tub hired an independent forensic investigation firm. The investigation detected malicious software that allowed an unknown third party to retrieve cardholder data. The malicious software has since been removed and additional security measures have been put in place, including upgrading payment terminals.
Customers who visited The Wash Tub during the dates of the suspected data breach are encouraged to monitor their card activity and immediately report fraudulent activity to their card issuer.
Read more on Washtub.com.
The notice is a bit confusing in that it said that the breach affected payment cards used at “various Wash Tub locations.” Which ones? Or does The Wash Tub mean that all locations were impacted? DataBreaches.net reached out to The Wash Tub Twitter team for clarification yesterday, but have received no response as yet. This will be updated if they do respond to clarify.