Backoff POS malware found at nearly 400 Dairy Queen locations

POS systems at nearly 400 franchises of the International Dairy Queen fast food chain have been infected with Backoff malware, the company reported on Thursday.

The company discovered and confirmed the breach back in late August, but has only now revealed the full extent of the compromise, which has, by now, apparently been contained.

“Because nearly all DQ and Orange Julius locations are independently owned and operated, the company worked closely with affected franchise owners, as well as law enforcement authorities and the payment card brands, to assess the nature and scope of the issue,” the company explained. “The investigation revealed that a third-party vendor’s compromised account credentials were used to access systems at some locations.”

The exact number of affected locations is 395, and the time periods during which the Backoff malware was present on the systems vary by location (the complete list can be found here).

“The affected systems contained payment card customer names, numbers and expiration dates. The company has no evidence that other customer personal information, such as Social Security numbers, PINs or email addresses, was compromised as a result of this malware infection,” they added.

Potentially affected customers are being notified, and offered free identity repair services for one year.