Some Dairy Queen and Orange Julius customers found strange charges showing up on their debit and credit cards after the Backoff malware found its way onto the company’s computer systems and stole bank information including account numbers, names and expiration dates.
One Indiana customer told me that someone charged a pair of $500 sneakers to her account, but the bank figured that out and called her right away. Then someone else charged $490 at Walmart.com and a 5-day hold was put on her bank account with neither Walmart or the bank able to do anything until the charge cleared. Though, Walmart did refund the purchase after the 5-day period.
According to a statement from parent company International Dairy Queen, Inc. – each of the franchises are independently owned and operated and not every restaurant was affected. But nearly 500 restaurants in 46 states were hit in August of 2014. You can click here for a full list of the store that were compromised.
The company says the malware has been contained in their system and no longer poses a threat to customers. The company is also offering identity repair service to affected customers from AllClear Secure. Customers can learn more about those services by calling 1-855-865-4456.
Dairy Queen also asked that any customers that notice fraudulent activity report it to the police, the FTC and their state attorney general. It’s always a good idea to monitor your bank statement for any unusual credit card activity.
Dairy Queen joins JP Morgan Chase Bank, Home Depot, Target, Niemen Marcus, PF Chang and several large universities as victims of information stealing malware attacks.
It’s always a good idea to monitor your bank statement for any unusual credit card activity. But it’s not a bad idea to limit your exposure by paying cash for small purchases such as lunch. Also don’t be afraid to ask any retailer where you do business, what types of security protection they have in place for their point-of-service system. A great many many still be running systems that use Windows XP despite the end of security support.