Dairy Queen announced this week that they may have fallen victim to a data breach, possibly having their digital supply chain compromised and point of sale systems infected with malicious software.
According to KrebsonSecurity, a Midwest credit union found that more than 50 customers who had previously used their payment cards at Dairy Queen locations across the country were victimized by card fraud afterwards. The credit union went on to say that Dairy Queen stores have likely been compromised as far back as early June 2014 due to the pattern of fraud they were seeing.
Dairy Queen is comprised of more than 4,500 independently run franchises in the U.S., making it very difficult to identify the full scope of the breach. Dan Peters, director of communications for Dairy Queen, said in an interview with Brian Krebs that nearly all of the company's stores are owned by franchisees and admitted that there is not an established process in place for owners to disclose security issues or card breaches with Dairy Queen headquarters.
"Without question this is a brand protection issue," Julie Conroy, research director at advisory firm Aite Group, said to Krebs. "This goes back to the eternal challenge with all small merchants. Even with companies like Dairy Queen, where the mother ship is huge, each of the individual establishments are essentially mom-and-pop stores, and a lot of these stores still don't think they're a target for this type of fraud."
As data breaches become more damaging and occur more frequently, it is more important than ever that companies take steps towards protecting their systems from cybercriminals. If Dairy Queen had implemented a network monitoring solution, they may have been notified of malicious activity before their customers' data was compromised. Security information and event management services watch over enterprise networks around the clock and provide businesses with actionable threat intelligence that can be used to make informed decisions about a company's security posture. As hackers continue to use more sophisticated attack techniques, so too should companies increase their security defenses, and concierge SIEM services are the most reliable way to stay on top of network activity.