Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Network Security / Dairy Queen Confirms Data Breach
Dairy Queen Latest Retailer To Report Hack
Dairy Queen Latest Retailer To Report Hack
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Known for its hot fries and soft-serve ice cream, Dairy Queen just made cyber history as the latest victim of a hack attack. The fast food chain has revealed that customer data at some of its stores may be at risk.

According to Dairy Queen, the possible data breach is connected to the Backoff point-of-sale malware that raked Target through the coals last year. Target recently revealed the breach cost its shareholders $148 million, though there’s no indication that Dairy Queen was hit that hard.

"In addition to communicating with potentially affected franchised locations, credit card processors and credit card companies to gather relevant information, we immediately began cooperating with the authorities investigating this particular malware," Dairy Queen said in a statement. "We continue to communicate with our franchisees and service providers regarding steps necessary to protect customer data and minimize any impact to our customers."

Early Warning Signs

Brian Krebs of Krebs on Security was the first to see hints of the breach. On Aug. 14 he pointed to sources in the financial industry saying they were seeing signs that Dairy Queen may be the latest retail chain to fall victim to a cyberattack.

“I first began hearing reports of a possible card breach at Dairy Queen at least two weeks ago, but could find no corroborating signs of it -- either by lurking in shadowy online ‘card shops’ or from talking with sources in the banking industry,” Krebs said.

“Over the past few days, however, I’ve heard from multiple financial institutions that say they’re dealing with a pattern of fraud on cards that were all recently used at various Dairy Queen locations in several states," he added. "There are also indications that these same cards are being sold in the cybercrime underground.”

Protecting the End Points

We turned to Mike Davis, CTO at real-time endpoint threat protection firm CounterTack, to get his insights on the Dairy Queen breach. He told us the fact that franchisees are not required to tell the franchisor about security breaches illustrates how breach notification processes are weak not just in retail but in most industries.

“The franchisor brand is effected when a franchisee causes a security breach,” Davis said. “Franchisors should start requiring security controls of their franchisees above those required by PCI and third parties the franchisee may work with. The franchisor's brand could be destroyed easily without better controls in place for franchisees.”

What’s more, without real-time insight into what processes and activities are occurring on franchisee point-of-sale systems, the time between a breach being detected and a security team knowing the impact is too great, Davis said.

“With ups and now downs, it seems the media knew about the impact of a breach before the companies did, and that is a real problem that can only be addressed by utilizing endpoint threat detection and response technology to know exactly what happened on what endpoints during an attack," he added.

Image credit: iStock/Artist's concept.

Tell Us What You Think


Jesus o:
Posted: 2014-09-04 @ 9:24am PT
I used my card at a Dairy Queen in Phoenix and that charge never went through, but I had 4 other charges in the valley totaling over 300 dollars that weekend.

Like Us on FacebookFollow Us on Twitter
© Copyright 2018 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.