A data breach at International Dairy Queen, Inc. has resulted in systems at 395 of its more than 4,500 U.S. stores and one Orange Julius location being infected with the same Backoff malware that has plagued other retailers nationwide and exposed customer payment information.
Dairy Queen had already been under scrutiny for a possible malware issue that could have impacted payment cards that were used in some U.S. locations. After what it called “an extensive investigation” by outside forensic experts, the company determined, in what is becoming a familiar refrain, attackers compromised account credentials of a third-party vendor to gain access to the systems.
In a press release detailing the investigation’s findings, Dairy Queen included a list of the locations hit as well as the time periods that Backoff was present on their systems, which varied by location. Those systems housed customer payment card information, including names, account numbers and expiration dates. “The company has no evidence that other customer personal information, such as Social Security numbers, PINs or email addresses, was compromised as a result of this malware infection,” the company said in the release.
Dairy Queen said it was “confident” that its efforts had contained the malware.
Read the Full Article: Source – SC magazine