Intrusion at payment system vendor trickles down to Dairy Queen customers
Spear-phishing; Stolen credentials; User accounts compromised
Information Systems & Supplies Inc., which sells so-called point-of-sale systems to restaurants, says a hack involving login information might have compromised diners’ credit card accounts.
“We recently discovered that our Log-Me-In account was breached,” states a June 12 notification letter to clients. “We have reason to believe that the data accessed could include credit card information from any cards used by your customers” between Feb. 28 and April 18.
IS&S provides services to a number of eateries including Dairy Queen, Buffalo Wild Wings and Taco Time, among others.
The incident “occurred through a phishing attack where the credentials of their corporate Log-Me-In account was compromised,” Tripwire reports. “Boston-based Log-Me-In noticed the compromise and alerted IS&S and they notified customers.”
Food and Beverage
July 1, 2014
Link to report
location of breach
location of perpetrators
date breach occurred
multiple times between Feb. 28, 2014 and April 18, 2014
date breach detected