Dairy Queen Confirms Cyber Hack
Edina-based ice cream and fast food chain Dairy Queen confirmed suspicions that it was the latest retail chain to be hit by a data breach this year.
Dairy Queen told the Star Tribune late Wednesday afternoon that data “at a limited number of stores” may be at risk but did not disclose how many customers or how many stores could be affected.
Earlier this week, Brian Krebs, the blogger who broke the news of Target’s massive data breach last year, cited unnamed sources in the financial industry who said they saw signs Dairy Queen had been “victimized by cybercrooks bent on stealing credit and debit card data.”
Krebs said he first heard about Dairy Queen’s problems two weeks ago and had since heard from multiple financial institutions that said they observed a pattern of fraud on cards used at various locations in several states. Those same cards, he said, were being sold in the cybercrime underworld.
Krebs said a pattern of fraud indicated that Dairy Queen franchisees may have been breached as far back as early June but it wasn’t clear how many of its 4,500 U.S. stores may have been hit.
Dairy Queen, a subsidiary of Warren Buffett’s Berkshire Hathaway, became the third business with ties to Minnesota to be hit by hackers in the past 12 months. Earlier this month, Eden Prairie-based grocery chain Supervalu announced a data breach affecting its customers’ payment card data at grocery and liquor stores in up to five states. Also this month, Target announced that it expected its December 2013 breach to cost the company at least $148 million in the second quarter. That incident was among the company’s woes that led to CEO Gregg Steinhafel stepping down in May.
The U.S. Department of Homeland Security warned last week of the spread of “Backoff” malware, which it said was discovered in October 2013 and could affect more than 1,000 U.S. retailers. Data breaches have also hit the Chinese restaurant operator P.F. Chang’s, the thrift store operations of Goodwill Industries International, Inc., and retailers Neiman Marcus and Michaels Stores, Inc. On Thursday, Bloomberg reported that Russian hackers attacked the U.S. financial system this month. A JPMorgan spokeswoman told the website that companies its size “experience cyber attacks nearly every day.”