Hackers steal payment card details from 395 Dairy Queen stores

Point-of-sale malware called “Backoff” used third party vendor credentials to access customer details at Dairy Queen, a major US chain.

395 of the company’s 4500 restaurants were affected by the attack, which harvested details for a period of at least three weeks in August.

Stolen information included customer names, and card information such as card numbers and expiration dates. Dairy Queen has said that no further customer information, such as email addresses or PIN and Social Security numbers were taken.

Backoff first surfaced in October last year and works by collecting payment card data from a computer’s RAM in the short period between the card being swiped and the data being encrypted. The US Department of Homeland Security said in August that POS devices at over 1000 businesses could be affected by Backoff or similar malware.


Related reading

Leave a comment

Comments RSS TrackBack 1 comment