In response to the news that fast food restaurant Dairy Queen has confirmed that systems in some of their locations have been infected with malware that puts at risk credit and debit card data of customers of the retail chain, Mark James, security expert at ESET says:
http://news.softpedia.com/news/Dairy-Queen-Confirms-Breach-of-Payment-Systems-456832.shtml
“If it is indeed the "back-off" malware that has infected these systems it could be an indication that they either have no antivirus protection, or out of date protection, installed on their POS systems.
A number of factors need to be addressed in order to protect against today’s diverse attacks. These include using the latest operating systems (patched and fully up-to-date), implementing a good antivirus product which uses the latest signatures and behaviour analysis (heuristics), firewall and host-based intrusion-detection, and good user education, along with a strong password policy and only allow specific needed software and ports to be used.
The type of data lost could include names, phone numbers, email and home addresses and credit or debit card information. Companies must remember that all this information should be encrypted and systems should be reviewed on a regular basis to check for breaches. It is the responsibility of the company to notify the end users as soon as any breach has occurred and fully disclose the extent of data lost.
ESET has had detection of this malware since July 2014.