Backoff malware hits Dairy Queen

International Dairy Queen, Inc. (DQ) announced on October 9, 2014 that its investigation (insert our previous blog article here) has confirmed that the payment card data at 395 DQ stores and one Orange Julius store have been infected by the Backoff malware that has affected numerous other retailers.

The malware infection was caused by a third party vendor’s compromised account credentials that were used to access the systems. Same story as the others, which illustrates how important it is to get a handle on your vendors.

DQ confirmed that the malware affected payment card data, including “customer names, numbers and expiration dates.” It is presumed to include both credit and debit cards. However, DQ further reported that it “has no evidence that other customer personal information, such as Social Security numbers, PINs or e-mail addresses was compromised....”

DQ is offering one year of free identity repair services and has listed the affected locations on its website.