Dairy Queen could be the latest victim of a data breach, highlighting the demand for counterfeit credit cards, cybersecurity watchdog website KrebsonSecurity reported on Aug. 26.
Although a spokesman for the ice cream chain said the company had not heard reports of card problems at the independently owned stores, multiple financial institutions told the watchdog they had detected fraud on cards that had recently been used at Dairy Queen locations. The agencies also identified the cards among those sold at underground shops.
The spokesman added that its franchisees were not required to report security issues.
But research director Julie Conroy of Aite Group said nationwide companies should have breach notification policies to protect the integrity of the company’s brand and public image.
The Minneapolis-based ice cream chain has 4,500 independently run locations in the United States and so far KrebsonSecurity has found reports from only a handful of states, indicating the breach could be a local issue.
The cybersecurity watchdog added that the Dairy Queen breach seems to be run by a separate group than the one that hit Target in December and Sally Beauty in February. Dairy Queen is a wholly owned subsidiary of Berkshire Hathaway.
The U.S. Department of Homeland Security and the Secret Service said last week that more than 1,000 American businesses have faced cybersecurity attacks aimed at stealing credit card data, KrebsonSecurity said. In response to the alert, a UPS subsidiary scanned its system for the described malware and found security breaches in 51 UPS franchises in the United States, or about 1 percent, the website said.