MILWAUKEE — For nearly two weeks, the IT system at Kwik Trip locations across the state have been down, leaving customers unable to use their rewards.
On Thursday, the company confirmed it was a “cyber-security” incident, saying that after a thorough investigation, there is “no indication that the guests’ payment card information was involved.”
They go on to say that while the Kwik Rewards app and website will stay offline for the near future, the company plans to restore any rewards customers may have missed due to the outage.
“From the general perspective, it looks like a ransomware attack, where the bad guys got inside their Kwik Trip systems and potentially stole or, encrypted, some of their vital data,” said Alex Holden.
Alex Holden is the founder and Chief Information Security Officer for Hold Security, a Mequon-based firm that helps protect companies against these types of threats.
While he didn’t work on the Kwik Trip case, holden says these types of cyber-attacks can have lasting impacts.
“It takes companies time to recover. The road to recovery is still long because the bad guys are maybe still releasing some data and, Kwik Trip still has yet to announce the actual extent of the damage,” said Holden.
For those customers who are worried that their information may have been compromised, Holden says customers shouldn’t worry and give the company time to get back on track.
“I’ll probably still suggest to be patient and to wait for Kwik Trip to finish with remediation and make proper announcements because they are the ones who know the full impact and are in position to right certain wrongs,” said Holden.