Last week, Dairy Queen officially confirmed that malware was installed on point of sale devices at 395 of its 4,500-plus locations in the United States. Kmart’s systems were similarly compromised in early September, but the extent of that breach is as of yet unknown.
Dairy Queen has reported that cyber-criminals invaded its system by hacking into a third-party point of sale system. The hacker most likely gained access by using an employee’s remote access credentials to enter a restricted space.
The compromised information includes customer names, credit and debit card numbers and expiration dates, but the company reports that there is no reason to believe other personal information such as Social Security numbers or email addresses were taken. Customers should therefore monitor their bank accounts, but don’t have to be especially concerned about other cyber-crimes such as phishing.
It seems that the breach has been fully patched, so there’s no reason for additional future concern.
“Based on our investigation,” Dairy Queen officials reported, “we are confident that this malware has been contained.”
Both Dairy Queen and Kmart are offering affected customers free credit monitoring. Kmart customers qualify if they shopped at a store between September 1 and October 9, before the breach was discovered and contained.
Unlike Dairy Queen, Kmart does not know how many stores or customers were affected by the breach. Kmart President Alasdair James believes credit and debit card numbers were compromised but that personal information such as Social Security numbers, email addresses and phone numbers remained secure.
Data breaches are only becoming more common, so it’s important that you ensure your company’s protection by choosing the most secure and reliable point of sale retail software on the market.