April 19, 2017
Notice of Data Security Incident –Drs Carwash Wash LLC, dba Whatta Wash Carwash, 2414 Reidville Road, Spartanburg, SC
Spartanburg, SC –Drs Car Wash LLC, dba Whatta Wash Car Wash, was informed on March 27, 2017 that our point-of-sale system experienced an intrusion last month. Our point-of-sale system is operated by a third-party platform provider and this provider experienced the intrusion.
To date, the investigation indicates that the intruder placed malware on the point-of-sale system, and by doing so gained access to our customers’ payment card data, including the cardholder’s first and last name, payment card number, and security code.
If you used a payment card at any of our locations between the dates of 2/20/2017 to 3/2/2017, your payment card information may be at risk. Because we are unable to determine contact information for each customer whose information may be at risk, we are notifying our customers of this risk in this Substitute Notice.
What information was involved?
For those customers who used a payment card at our location between the dates of 2/20/2017 and 3/2/2017 the information the intruder had access to includes the cardholder’s first and last name, card number and security code.
What are we doing?
Drs Car Wash LLC has worked with our third-party platform provider to remove the malware from its systems and our provider is actively monitoring the platform to safeguard personal information.
We are offering one year of complimentary credit monitoring through Kroll to help alleviate any concerns affected customers may have. Our customers may visit the following website to enroll in this product: http://activate.kroll.com. Our customers may also call 1-855-223-7528 if they have questions about this incident and for more information about the identity protection product.
What you can do.
To protect yourself from the possibility of identity theft, we recommend that you immediately contact your credit or debit card company and inform them that your card information may have been compromised, so that they can issue you a replacement card. We suggest that you remain vigilant and review your banking and card statements as well as credit reports, and report any suspicious activity to the relevant financial institution.
You should promptly report any fraudulent activity or any suspected incidence of identity theft to proper law enforcement authorities, your state attorney general, and/or the Federal Trade Commission. You can also contact these sources about steps you can take to avoid identity theft.
Your state attorney general can be contacted at [phone number, address, and website].
To contact the Federal Trade Commission and file a complaint, go to www.ftc.gov or call 1-877-ID-THEFT (877-438-4338).
You can also contact one of the three major credit bureaus to monitor your credit report for any suspicious activity, and for information about fraud alerts and security freezes. You can order a free copy of your credit report by visiting www.annualcreditreport.com, calling 877-322-8228, or completing the Annual Credit Report Form on the Federal Trade Commission website at http://www.consumer.ftc.gov/articles/pdf-0093-annual-report-request-form.pdf.
You should immediately notify the credit bureaus if your credit report shows anything suspicious. The credit bureaus can be contacted as follows:
P.O. Box 740241
Atlanta, GA 30374
P.O. Box 9532
Allen, TX 75013
P.O. Box 6790
Fullerton, CA 92834
For more information.
If you have questions regarding this incident please call 1-855-223-7528, Monday through Friday from 8:00 a.m. to 5:00 p.m. Central Time.
We take consumers’ privacy very seriously and are doing everything in our power to enhance our systems and security processes and to ensure that this type of incident will not again occur.