New reports indicate that Dairy Queen may be the latest American company to lose customers' personal information to cyber-criminals. Digital security expert Brian Krebs broke the news on his watchdog blog, "KrebsOnSecurity," saying that he first heard reports of a data breach in early to mid-August, and that recent evidence of fraud has substantiated that claim.
Krebs was the first to announce the massive Target data breach late last year, in which the personal information of 70 million customers was compromised.
Multiple financial institutions reportedly told the blogger that they have noticed indicators of criminal activity related to more than 50 credit and debit cards, all of which had recently been used at multiple Dairy Queen locations across various states. Krebs says he also has reason to believe those cards are currently for sale on the black market.
The Dairy Queen headquarters says it has no reason to believe that the company has suffered a data breach. However, Director of Communications Dean Peters admits that DQ does not require the owners of its independently owned and operated franchises to report security problems.
"At this time, there is no such policy," Peters tells Krebs. "We would assist them if [any franchisees] reached out to us about a breach, but so far we have not heard from any of our franchisees that they have had any kind of breach."
Krebs says the security of payment systems at Dairy Queen locations in Florida, Alabama, Illinois, Indiana, Kentucky, Ohio Tennessee and Texas were compromised. If you have recently dined at a franchise in one of these states, you should keep a watchful eye open for any suspicious activity linked to your accounts. Every American is entitled to one free credit report a year from one of the three major credit bureaus - Experian, TransUnion and Equifax.
One strategy for anyone who wants to help protect their identity is to invest in a credit monitoring service. While these services cannot offer total protection against identity theft, they can alert you to certain activity that may indicate fraud connected to your name.
When your credit monitoring service informs you that activity has been detected, you can take proactive steps to thwart the cyber-crooks, preventing them from seriously damaging your credit. Without the help of a full-time monitoring system, many people don't realize for months or even years that someone has opened lines of credit and accounts using their personal information. Needless to say, the long-term ramifications of this can be severe, even though you almost certainly did nothing wrong.
Unfortunately, digital criminals are becoming better at hacking into companies' payment software and our own personal online accounts to steal our information. This is why it's also crucial that you use a different hard-to-guess, unique password for each online account including social networking, banking and shopping profiles. Each one should contain letters, numbers and symbols, and none should use a word or name, as they are too easy to crack. Think of it this way: If you use just one code for all of your Internet activity, then a thief could potentially gain access to your checking account just by determining your Pinterest password!
Of course, we realize that it is difficult if not impossible to remember a dozen or more unique codes. That's why we also recommend investing in a password manager, which can keep all of your password information hidden in a secure vault. It's easy for you to use, while providing an extra layer of protection against thieves.