Threatwatch

Intrusion at payment system vendor trickles down to Dairy Queen customers

Spearphishing; Stolen credentials; User accounts compromised

Information Systems & Supplies Inc., which sells so-called point-of-sale systems to restaurants, says a hack involving login information might have compromised diners’ credit card accounts.

“We recently discovered that our Log-Me-In account was breached,” states a June 12 notification letter to clients. “We have reason to believe that the data accessed could include credit card information from any cards used by your customers” between Feb. 28 and April 18.

IS&S provides services to a number of eateries including Dairy Queen, Buffalo Wild Wings and Taco Time, among others.

The incident “occurred through a phishing attack where the credentials of their corporate Log-Me-In account was compromised,” Tripwire reports. “Boston-based Log-Me-In noticed the compromise and alerted IS&S and they notified customers.”

sector

Food and Beverage

reported

July 1, 2014

reported by

Tripwire

number affected

Unknown

location of breach

Unknown

perpetrators

Unknown

location of perpetrators

Unknown

date breach occurred

multiple times between Feb. 28, 2014 and April 18, 2014

date breach detected

Unknown