Several financial institutions are suggesting that Dairy Queen may have suffered a security breach, following in the footsteps of Target and Supervalu. Experts have noticed what they suspect might be a pattern of fraud on a number of cards that were recently used at varying Dairy Queen locations, from Florida to Ohio.
Within the last year especially, hackers have been targeting retail point of sale systems in an effort to obtain private credit and debit card information. The cyber-crooks use malware to infiltrate a company’s system by guessing at employee passwords and then trolling the internal systems of companies, gathering valuable information. Counterfeit copies of credit cards are then sold in fraud shops known as “dumps,” according to KrebsonSecurity. The cards are filed by state and sold to people in the same area to avoid raising suspicion of theft.
UPS has recently acknowledged a security breach in 150 of their locations, and has posted a list of possibly affected stores so customers can be sure to monitor their bank accounts. However, Dairy Queen is currently unable to receive reliable information about the safety statuses of its 4,500 locations in varying states. This is because the varying locations are independently owned and operated franchises, and are not under any legal obligation to report breaches or vulnerabilities.
Dean Peters, director of communications at Dairy Queen, confirms, “At this time, there is no such policy. We would assist them if [any franchisees] reached out to us about a breach, but so far we have not heard from any of our franchisees that they have had any kind of breach.”
This lack of knowledge could create a problem for the company down the line, because each franchise reflects the overall company brand. A proactive approach to such situations is usually the most effective and the most reassuring to customers.