NEW YORK (CNNMoney) — Dairy Queen is the latest company to get hit by a security breach saying that payment card data has been impacted at nearly 400 of its restaurants around the country.
The ice cream stand operator said malware called Backoff is to blame, and that it accessed systems through a “third-party vendor’s compromised account credentials.” The company also said the malware has been “contained.”
The hacked systems contained customer names, payment card numbers and expiration dates, according to the company.
On Thursday, October 9, 2014, Dairy Queen published an online list of the 395 restaurants where payment card data was affected. Orange Julius locations were also affected. The company has about 4,500 outlets.
The company said the time period of the malware intrusion is between August and October, but varies at each location.
Dairy Queen said it’s offering “free identity repair services” for one year to any customer who used a credit or debit card at one of the hacked restaurants during the affected time period.
Customer payment card data has been hacked at many companies over the last year, including Target, Supervalu, Michaels and Neiman Marcus, as well as the restaurant chain P.F. Chang’s.
More recently, banks have been feeling the pain. JPMorgan announced earlier this month that the accounts of 76 million customers have been hacked.
Editor’s Note: The list of affected Dairy Queen locations includes stores in Clinton, Davenport and Muscatine in Iowa, as well as stores in Colona, Dixon and Oregon in Illinois.
Get the complete list of affected Dairy Queen stores – click here.
Read the statement from the president and CEO of Dairy Queen – click here.