The other night near bed-time I asked Lavie to please keep a closer eye on the old bank account.
Within the past month we had some scrumptious DQ Blizzard desserts and had used our bank card.
She regularly does anyway and asked why.
I basically summarized this.
- DQ Breach? HQ Says No, But Would it Know? — Krebs on Security
As far as I know, no list of impacted store locations/franchisees has been released publically. We know general information at the state level, but nothing beyond that.
Although there are more than a handful of DQ stores around our immediate area, we always frequent a particular store.
There, the family proprietors are always on site and friendly. They ask about our family; we theirs. We talk about the community, trends seen, and too much work over all. That personal touch is as refreshing as the dessert menu.
After patiently listening to me, Lavie then said, “Well, that makes sense then.”
Turns out she stopped by their store this week and the proprietor explained that he didn’t want to take our bank card for the ring-up and that for now, the store was operating on “cash-only”. He assumed Lavie (and his customers) hadn’t heard about the potential data breach and was providing a face-to-face explanation to every one of his customers.
He explained that as far as they knew, their store POS system/network hadn’t been hit, but he could not be 100% sure just yet. They were waiting for additional security audits to be completed before they felt they could return to processing bank cards.
He then proceeded to give Lavie her ordered dessert treat free in gratitude for her continued business; despite her kind objections.
It was a large dipped ice-cream cone and the value to us as customers was priceless.
Time will tell and I do hope their POS mechanisms are found to be safe after the audits are completed. If not, well, that may mean a new set of bank-cards even though the fresh still hasn’t worn off the last ones we got due to the Target fiasco.
And about that Target fiasco.
We used to shop at Target every few weeks.
In the aftermath, we were offered (via press releases in the news) offers of discounts on purchases for a time. And that’s that. Target sends us all kinds of personalized catalogs, special deal offers, etc. but I don’t ever recall getting a personalized type of “our bad” communication directly from them as a customer. We did get some new bank-cards with personalized and friendly service (with a modicum of targeted finger-pointing) from our bank.
The only reason I really knew -- deeply -- what was going on behind the scenes with that particular data breach was that I follow InfoSec news. If I had relied only on media outlet reports, I would be woefully uninformed.
We haven’t shopped at Target since the breach was announced. That’s a big thing. Our shopping patterns have been adjusted; sometimes inconveniently. I’m sure they now have new measures in place, and are doing a lion’s share of work rebuilding their customer confidence levels. Their house is probably filled with layers and layers of security checks, balances, monitoring, and diligent oversight. Lessons learned the painful way. Will we return to shopping there? Probably eventually.
Will we be going back and getting more treats and baskets from our local neighborhood DQ? You bet and maybe even later today!
Will we be paying in cash for a while longer? Probably so.
In this case, even though the breach information is super-thin, the face-to-face communication -- however how embarrassing and business impacting to the proprietor -- signals a personal recognition of sensitivity and concern to us as customers that is priceless.
And in this new age of hack/whack-a-mole, information and communication is everything.