Nearly 400 Dairy Queen shops in the United States — none of them in Louisiana — had their software systems compromised, the restaurant chain said, making it the latest retailer to confirm a data breach.
International Dairy Queen said its investigation found evidence that systems of some Dairy Queen locations and one Orange Julius shop were infected with the “Backoff” malicious software, or malware, which has been hitting a number of retailers.
A third-party vendor’s compromised account credentials were used to get into the systems at the affected locations, Dairy Queen said in a statement issued on Thursday.
The systems at some of Dairy Queen’s U.S. shops were affected at various times from early August through early October, the company said. Customer names, card numbers and card expiration dates may have been gathered. However, Dairy Queen said it was not aware of other personal information, such as Social Security numbers, being compromised due to the attack. Dairy Queen said it is confident that the malware has now been contained.