STE WILLIAMS

Ice cream headache as black hat hacks sack Dairy Queen

Next gen security for virtualised datacentres

Ice cream mogul Dairy Queen appears to have been breached with hackers likely stealing credit cards from some of its many US stores.

The chilling news comes from sources within the US banking sector who separately told cyber-crime prober Brian Krebs that fraudulent transactions on credit cards appeared to have stemmed from a breach at the company.


Dairy Queen admitted the US Secret Service had been in touch after initial waffle claiming it had no evidence of a breach.

Communications director Dean Peters has since said it was difficult to determine if breaches occurred at any of the franchised stores which were independent and not required to report security lapses.

“We would assist [the stores] if they reached out to use about a breach, but so far we have not heard from any of our franchisees that they have had any kind of breach,” Peters told Krebs on Security.

Large franchise stores across Australia were similarly exposed, Vulture South understands.

While details were milky, Krebs speculated that the breaches may have resulted from a handful of hacked stores owned by a single franchisee.

This was based on recent data breaches at sandwich chain Jimmy Johns and the United Parcel Service which were both popped by point of sales malware that was foisted onto the devices over remote access lines that were protected by weak passwords.

These breaches came as US Homeland Security warned that the Backoff point of sales malware had infected more than 1000 businesses.

Popping a single franchisee may have given access to multiple stores, or those shops could have been protected with the same password or similarly weak passwords for the remote access credentials.

While a breach may cool sales, it was sweet news for carders; a private cybercrime forum is reporting a “huge and awesome update” with a tranche of 1000 cards selling 11 August, a second with 2000 sold the following week and another with 5000 credit cards currently on offer.

Each batch noted the state in which the cards were issued in a new fraudsters tactic to cash out locally in a bid to stay under the radar of bank fraud systems. ®

The essential guide to IT transformation

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2014/08/29/black_hat_hacks_sack_dairy_queen_green/

Comments are closed.