Dairy Queen cuts the waffle, says bank cards creamed in 395 eateries

Burger bars battered by Backoff baddie

Dairy Queen

Dairy Queen has admitted to being hacked, six weeks after reports first surfaced that the US fast-food chain's tills were compromised.

"We discovered evidence that the systems of some DQ locations and one Orange Julius location were infected with the widely-reported Backoff malware that is targeting retailers across the country," the company said in a statement. "The investigation revealed that a third-party vendor's compromised account credentials were used to access systems at those locations."

Backoff is a Windows software nasty that runs on point-of-sale computers: it harvests the details of credit and debit cards swiped through the tills, as well as logging keystrokes. In July US-CERT warned that seven PoS vendors had encountered the malware in their customers' systems, and asked IT managers to be on alert for it.

Dairy Queen said that between August 5 and 31 the malware had harvested customers' names, payment card numbers and expiration dates from 395 restaurants – but the code didn't get hold of stuff like Social Security numbers, PINs or email addresses. This suggests that while the registers were compromised, the firm's back-office servers were unaffected.

As is becoming traditional in these kinds of cases, the biz is asking customers to check their bank statements for unauthorized transactions and will offer one year's subscription to an identity repair service for those hit, although it will be up to the banks themselves to sort out any refunds.

"The recent details about the Dairy Queen breach show a sobering reality of how advanced cybercrime has become and the concerning state of security among the retail industry," said Eric Chiu, president of cloudy firm HyTrust.

"The fact that a third-party provider had account credentials compromised highlights that these attackers are leveraging insider threats to gain access to corporate networks to steal data without being detected. This is similar to an intruder living within the walls, watching your every move for over a year…very scary." ®

Sponsored: Detecting cyber attacks as a small to medium business


Biting the hand that feeds IT © 1998–2020