The fast food chain said names and card data may have been stolen from customers who visited 395 of its restaurants between August and October.
An investigation into the months-long attack revealed that "a third-party vendor's compromised account credentials were used to access systems at some locations," the company said in a statement Thursday.
Dairy Queen is offering free identity repair services for one year to all customers who used their payment card at one of the affected locations.
The company posted a list of all the stores affected by the breach here.