Menu
Dairy Queen stores hit by 'Backoff' malware, payment card data stolen

Dairy Queen stores hit by 'Backoff' malware, payment card data stolen

The systems were accessed using account credentials from a third-party vendor, Dairy Queen said

Dairy Queen said Thursday the "Backoff" point-of-sale malware infected systems at 395 of its stores, stealing payment card data.

The company, which has 4,500 independently owned franchises in the U.S., said in a statement it believes the "malware has been contained." Most of the stores, including one Orange Julius location, were affected for between three weeks to a month starting in early August, according to a list.

"We deeply regret any inconvenience this incident may cause," wrote CEO and President John Gainor.

The company is the latest one to disclose a data breach due to malicious software. Home Depot and Target disclosed large data breaches that compromised card data. Other companies affected were Neiman Marcus, Michaels, P.F. Chang's China Bistro and Sally Beauty.

Dairy Queen said its investigation showed that a third-party vendor's account credentials were used to access the systems at the affected locations. The same style of attack method yielded access to Target's systems. The vendor was not identified.

The stolen information comprised customer names, payment card numbers and card expiration dates. No customer information, such as Social Security numbers, PINs or email addresses were stolen, it said.

The U.S. Department of Homeland Security and Secret Service warned in August that upwards of 1,000 businesses may be infected by malware such as Backoff on their point-of-sale devices.

Backoff, which first appeared around October 2013, collects payment card data from a computer's RAM where it briefly sits unencrypted after a card is swiped.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwaredata breachDairy Queen

Featured

Slideshows

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

New Zealanders kick-started EDGE 2018 with a bout of Super Rugby before a dedicated New Zealand session, in front of more than 50 partners, vendors and distributors on Hamilton Island.‚Äč

EDGE 2018: Kiwis kick back with Super Rugby before NZ session
EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018 kicked off with a dedicated New Zealand track, highlighting the key customer priorities across the local market, in association with Dell EMC. Delivered through EDGE Research - leveraging Kiwi data through Tech Research Asia - more than 50 partners, vendors and distributors combined during an interactive session to assess the changing spending patterns of the end-user and the subsequent impact to the channel.

EDGE 2018: Kiwis assess key customer priorities through NZ research
Show Comments