Fast food chain Wendy's is warning that a previously reported malware attack on franchisee-owned restaurant POS systems is "considerably" bigger than first thought.
In May Wendy's said that it had found malware on the point of sale (POS) system at fewer than 300 franchised North America Wendy's restaurants.
But the firm has since found a variant of the malware on other restaurant POS systems, causing it to say that the number of places affected is "expected to be considerably higher".
The malware has now been disabled but there are reports that cards used legitimately at Wendy's may have been used fraudulently elsewhere.
With no evidence that company-owned outlets have been hit, Wendy's says that the attacks seem likely to have happened because third-party contractors used by franchisees to maintain their POS system had their remote access credentials compromised.