TMCnet News
Local Dairy Queen caught in data breach [Cape Cod Times, Hyannis, Mass.](Cape Cod Times (Hyannis, MA) Via Acquire Media NewsEdge) Oct. 11--SOUTH YARMOUTH -- The Dairy Queen on Route 28 in South Yarmouth was among three in the state -- and 395 nationwide -- that were hit by a data breach, the company has announced. The breach appears to have exposed customers' names, credit and debit card numbers, and expiration dates, said Dean A. Peters, American Dairy Queen Corp. associate vice president for public affairs. Peters said Friday that there is no indication that PIN numbers and other personal data were stolen and that the malware behind it -- which affected point-of-sale terminals -- has been contained. "Through our investigation, it was revealed that a third-party vendor's account had been compromised," he said. "That was used to access systems at some locations." Although figures for individual stores were not available, Peters said Dairy Queen is estimating that fewer than 600,000 cards were affected overall. In Massachusetts, the size of the breach is estimated at fewer than 11,000 cards, he added. The other Massachusetts locations that were hit are in Bellingham and Spencer. Data at all three locations were exposed from Aug. 5 through Aug. 31, the company said. Staff at the South Yarmouth location declined to comment, referring questions to Peters at the corporate headquarters in Minnesota. Peters said the size of the attack was limited because most of the company's 4,500 locations are owned and operated by franchisees, so there was no central customer database to be compromised, as was the case in recent, larger breaches at Target and Home Depot. The malware used in the attack, known as Backoff, has emerged as one of the most widespread, involved in breaches at more than 1,000 businesses, the Department of Homeland Security said in a July 31 alert. Antivirus maker Kaspersky Lab said that estimate may be conservative. The Secret Service, in an Aug. 25 advisory, said "private sector entities of all sizes" had been targeted by hackers using Backoff. Peters said it had not been determined where the cyberattack originated. He said Dairy Queen is offering "identity repair services" to customers who think their information may have been stolen. For further information, visit www.dq.com/datasecurityincident. He also advised customers who may be at risk to keep close watch on credit and debit card account statements, and obtain a free credit report through annualcreditreport.com. Any customer who notices unauthorized purchases on a statement should promptly notify the card issuer, he said. ___ (c)2014 the Cape Cod Times (Hyannis, Mass.) Visit the Cape Cod Times (Hyannis, Mass.) at www.capecodonline.com Distributed by MCT Information Services |