Dairy Queen announced Thursday that there was a data breach in August affected almost 400 locations.
The Wall Street Journal reported that the ice cream company said that the hacking compromised the customers' name, card numbers, and expiration dates from 395 stores. However, the Social Security numbers and PINs weren't affected.
The Edina-based ice cream and fast food chain said that the breach was the result of a third-part being hacking, where a Backoff malware was inserted to the systems. The company believes they've already contained the malware and no system is still compromised.
John Gainor, Dairy Queen President and chief executive officer, said, "Our customers are our top priority and we are committed to working with our franchise owners to address the issue."
The company is working with its franchisees to figure out which stores have been compromised with the hacking. They listed in their website the locations affected by the breach and the date of attacks.
"Because nearly all DQ and Orange Julius locations are independently owned and operated, we worked closely with affected franchise owners, as well as law enforcement authorities and the payment card brands, to assess the nature and scope of the issue," Dairy Queen said in a statement posted on the website.
The ice cream chain is offering a one-year free service of identity repair for customers who used their credit cards in the affected stores. They remind consumers to be vigilant of their credit statements and to monitor irregular and unexplained activities in their free credit reports.
Dairy Queen is the latest victim of hackers who targeted the credit card details of customers. Kmart, a subsidiary of Sears, also announced Thursday that some of their stores were breached. The retailer found a virus similar to the one that attacked Home Depot's systems. They're already working with the forensics team and law enforcement to solve the issue.
