Employee Information Was Leaked At Cookware Company Meyer

Meyer Corporation is a California-based company and a giant in the cookware industry. Meyer is the latest victim in a seemingly never-ending parade of hacking attacks. The full extent of the attack has not yet been disclosed because an investigation into the matter is ongoing. However, we do know at this point that the attackers made off with at least one database containing the personal information of thousands of Meyer employees.

The company issued a breach notification and has filed papers with the Attorney General office in both Maine and California.  Notification letters have already been sent to individuals impacted by the breach.

The notification reads in part, as follows:

"Meyer was the victim of a cybersecurity attack by an unauthorized third party that impacted our systems and operations. Upon detecting the attack, Meyer initiated an investigation with the assistance of our cybersecurity experts, including third-party forensic professionals. On or around December 1, 2021, our investigation identified potential unauthorized access to employee information.

The types of personal information that may have been accessed during this incident will depend on the types of information you have provided to your employer, but may include: first and last name; address; date of birth; gender; race/ethnicity; Social Security number; health insurance information; medical condition(s) and diagnoses; random drug screening results; COVID vaccination cards and status; driver's license, passport, or government-issued identification number; Permanent Resident Card and information regarding immigration status; and information regarding your dependents (including Social Security numbers), if applicable that you may have provided to the company in the course of your employment."

The company has not confirmed that the attack was a ransomware attack. However, the Conti gang who makes heavy use of ransomware successfully breached the company's defenses last November (in 2021).  Their leak site contained nearly 250 MB of data which represented about 2 percent of the total data stolen from the company during that attack.

It's not much of a silver lining. At least in this case, unless you work for the company, your personal information does not appear to be at risk.  Even if you are one of the unfortunate people who received a notification letter from Meyer you will be offered two years' worth of free identity protection.  That's small consolation but it's something.

Call SpartanTec, Inc. now if you need help in protecting your company against online threats.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

Puma Sportswear Recently Impacted By A Data Breach

We have recently learned that Puma Sportswear was impacted by a data breach in the waning days of 2021.

It's important to note that Puma's networks were not attacked directly.  The attack was made against Kronos which is one of the company's North American workforce management service providers.

In a recently filed data breach notification it was disclosed that the still unidentified attackers stole a variety of personal information belonging to Puma employees and their dependents from the Kronos Private Cloud. In addition, they deployed ransomware on the Kronos network.

The investigation into the breach is ongoing but it presently appears that nearly half of Puma's employees were impacted.  Kronos sent a letter to all impacted individuals.  Unfortunately, the letter was terse and contained little in the way of actionable information.

The letter states:

"On January 7, 2022, Kronos confirmed that some of your personal information was among the stolen data. We notified PUMA of this incident on January 10, 2022."

All impacted individuals have been offered two free years of Experian IdentityWorks, which includes credit monitoring, identify theft insurance, and identity restoration.

This is the second hacking incident involving Puma in recent months.  Back in August of 2021 the company's network was breached and source code for an internal application was stolen and put up for sale on the Dark Web.

The company stressed that no customer data was compromised and that the stolen information was connected solely to the company's employees.

This attack underscores the risks and dangers inherent in our increasingly interconnected world.  A data breach on a trusted vendor's network can impact your company in ways you never even imagined. That means no matter how much you spend on your own IT security, you may still be vulnerable if one of the vendors you rely on doesn't take security as seriously as your firm does.

Call SpartanTec, Inc. now if you need help in protecting your company against data breach.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

New Data Breach Hits US Cellular Company

It's the dawning of a new year and the hackers of the world have been busy.  This time it's US Cellular caught in the crosshairs.

The company recently reported that their billing system was hacked and they sent breach notification letters to more than four hundred impacted individuals.

US Cellular is the fourth largest carrier in the United States.  Only 405 of the company's customers seem to have been affected which makes this attack quite small in terms of scope and scale.  That's small consolation if you're one of the unlucky US Cellular customers to have received a notification in the mail.

The company had this to say about the incident:

"On December 13, 2021, UScellular detected a data security incident in which unauthorized individuals illegally accessed our billing system and gained access to wireless customer accounts that contain personal information.

Information in customer accounts include name, address, PIN code and cellular telephone number(s) as well as information about wireless services including service plan, usage and billing statements.

Sensitive personal information, such as Social Security number and credit card information, is masked within the CRM system. At this time, we have no indication that there has been unauthorized access to your UScellular online user account."

If you haven't received a notification in the mail from US Cellular then it's  most likely that your account record was not compromised. Out of an abundance of caution, you may want to reset your account password and be on the lookout for suspicious emails targeting you. Now you may be more likely to be on the receiving end of phishing emails for a time.

Kudos to US Cellular for their rapid response.  Sadly we'll probably be seeing a lot more of this kind of thing in the year ahead.

Call SpartanTec, Inc. now if you need professional help in protecting your data against hackers and cybersecurity threats.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

Cox Communications Reports Recent Data Breach

Cox Communications is a major provider of cable, internet, and phone service in the United States.  The company is the latest in a seemingly unending parade of companies to fall victim to a hacking attack. In this case, the hacker gained access to company servers by impersonating a member of Cox Communication's Customer Support team.  At this point details are sketchy as the investigation into the matter is ongoing.

The company's breach notification statement reads:

"On October 11, 2021, Cox learned that an unknown person(s) had impersonated a Cox agent and gained access to a small number of customer accounts. We immediately launched an internal investigation, took steps to secure the affected customer accounts, and notified law enforcement of the incident.

After further investigation, we discover that the unknown person(s) may have viewed certain types of information that are maintained in your Cox customer account, including your name, address, telephone number, Cox account number, Cox.net email address, username, PIN code, account security question and answer, and/or the types of services that you receive from Cox."

At this point the exact number of records the hacker gained access to is not known. However given the above if you are a Cox customer you should change your password and security question(s) at a minimum.

Although payment card information associated with impacted accounts was not specifically mentioned it pays to closely monitor whatever payment cards you have tied to your Cox account just to be safe.

It is also worth mentioning that the company is in the process of contacting impacted customers and has offered one free year of Experian Identity Works. The program can help monitor credit reports and detect signs of fraudulent activity.

We wish we could say that this will be the last major data breach of the year but sadly it almost certainly won't be.  Stay vigilant.  It's dangerous out there.

SpartanTec's primary objective is to keep our customers data secure. Call us today to see how we provide peace of mind.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

Large GoDaddy Data Breach Involves WordPress Customer Email Adresses

Are you a GoDaddy customer? Do you maintain a WordPress blog with the company? If so be advised that the company recently announced a data breach of their network. An as yet unidentified third party accessed GoDaddy's Managed WordPress hosting environment.

Based on the investigation to date the intrusion began on September 6, 2021. While taking advantage of a vulnerability the company was unaware of at the time the unknown cybersecurity attacker was able to gain access to a variety of information.

The information taken includes:

• The email addresses and customer numbers of more than 1 million Managed WordPress customers (both active and inactive)
• The original WordPress Administrative password that was set at the time of provisioning
• For active customers, the SFTP and database usernames and passwords
• And for some customers (exact number unknown at this time), the SSL private key

The company has retained the services of an independent third-party security firm to assist them with their investigation. That investigation is ongoing but the company has already reset the SFTP and database passwords for all impacted users. They are in the process of issuing and installing new certificates for customers who had their SSL private keys exposed.

The company is in the process of contacting all impacted users. If your email address was exposed, you will definitely want to keep a sharp eye out for phishing attacks targeting your email address.

As is the case any time an event like this occurs the company apologized and stressed that they take customer data security very seriously. No additional information is available at this time but bear in mind that the investigation is still ongoing.

It's unfortunate but not altogether unsurprising. A company as large as GoDaddy with millions of customers is an attractive target for almost any hacker. Stay vigilant out there. This won't be the last major breach we see this year.

Call SpartanTec, Inc. now if for more information about cybersecurity and our managed IT services.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

Hackers Hit Wind Energy Provider With Ransomware

Vestas Wind Systems is one of the leaders in wind turbine manufacturing in North America with 40,000 MW currently installed and another 36,000 MW under service in both the US and Canada.

Recently the company published a data breach notification indicating that they had been the subject of a successful cyber attack which occurred on Friday, November 19th.

This forced them to shut down broad swaths of their network infrastructure to keep the attack from spreading. Although Vestas did not specify the exact nature of the attack based on their description it seems likely that the company fell victim to a ransomware attack.

Unfortunately this incident is almost certain to have serious downstream impacts. The company was already struggling with supply chain issues and the shutdown forced them to delay production. That is going to delay the completion of many of the projects Vestas has in the pipeline which will have further impacts as well. Although these are difficult to predict with any accuracy.

According to the latest information provided by the company both the issue itself and the investigation into it are ongoing and the company does not yet have a firm timeline for recovery. Vestas also confirmed that some of the company's data had been compromised and exfiltrated but did not provide any details as to the specifics of that information.

There have been a number of cyberattacks on critical infrastructure concerns as gangs of cybercriminals seek ever larger payouts. Given that the Vestas attack is very much in line with attacks earlier this year on Colonial Pipeline, Irelands Health Service Executive, and meat processing giant JBS.

If you do business with the company just be aware that their operations have been impacted and that the issue is ongoing so there are almost certain to be delays. Let us hope Vestas is able to resolve the matter quickly.

SpartanTec, Inc. now if you want more information about managed IT services and how they can help protect your information from cyberattacks.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence, Charleston

Recent Massive Data Breach Attacks T-Mobile Company

US telecommunications giant T-Mobile is the latest big company to suffer from a successful hacking attack. The company is still cooperating with law enforcement and investigating an attack.

Here are the details. A threat actor claimed to have made copies of databases that contained personal information belonging to more than 100 million of the company's customers.

The attacker is currently offering copies of the database for sale on the Dark Web for six bitcoin valued at approximately $280,000 USD at the time this article was written.

The database being offered contains useful information including:

• First and last name
• Dates of birth
• Driver's license numbers
• And social security numbers belonging to more than 30 million people.

The remaining records also contain personal information but the information is somewhat less comprehensive than the 30 million records mentioned above.

According to the attacker responsible for the data breach, he was able to make off with their entire IMEI history database dating back to 2004. In all the attacker claims to have made off with more than 106 GB worth of data and is actively seeking buyers.

According to the hacker the attack against T-Mobile was launched as an act of revenge against the US for the apprehension of another hacker named John Erin Binns in Germany in 2019. How much of this claim is true is unknown at this time.

If you're a T-Mobile subscriber there is nothing for you to do at present except to be mindful that large amounts of data may have been stolen. Keep a watchful eye on your accounts in the event that your customer record was compromised.

We can expect the company to make an additional announcement as their cybersecurity investigation reaches its conclusion. For the moment just be mindful of it and be aware that no company is too big or too small to be a target of relentless hackers. Your company could be next.

Call SpartanTec, Inc. now if you want to protect your company from various cybersecurity threats.

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Latest Data Breach Hits Guess Clothing Company

American fashion retailer Guess recently became the latest in a seemingly unending parade of big-name companies to suffer a data breach.

The company's breach notification letter was mailed to all customers whose data was compromised. The letter states that an unidentified party gained access to Guess' systems between February 2nd and February 23rd of this year (2021).

The company discovered evidence of the breach on May 26th and determined that the personal information of some Guess customers had been accessed. By the 3rd of June, the company, a third party security vendor, and law enforcement officials had finished a review of the data that was accessed. They then began contacting all individuals impacted by the breach as of June 9th.

The company is offering a year of free credit monitoring to all impacted individuals as is often the case in data breaches.

 

Call Now

 

The letter being sent to impacted individuals reads in part as follows:

"On May 26, 2021, the investigation determined that personal information related to certain individuals may have been accessed or acquired by an unauthorized actor. The investigation determined that Social Security numbers, driver's license numbers, passport numbers and/or financial account numbers may have been accessed or acquired."

The data security breach notification letters give no indication as to the scope and scale of the breach. The information filed with Main's Attorney General indicates that just over 1300 people had their data compromised during the attack.

Guess' breach notification gave no indication of who may have been behind the attack. However security researchers have found circumstantial evidence on the Dark Web that points to the DarkSide ransomware group.

If that name sounds familiar to you it's because they're the group behind the recent Colonial Pipeline attack that brought fuel deliveries to a standstill in the southeastern United States for the better part of two weeks. Not long after the Colonial attack the FBI seized significant portions of the group's infrastructure and they ceased all operations in late May. Now they seem to be back with a vengeance.

 

Call SpartanTec, Inc. now if you need expert help boosting your company's cybersecurity and protecting your business from data breaches.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Difference Between a Data Breach and Security Incident?

If you think a data breach can’t happen to you, think again: According to the Ponemon Institute’s Fifth Annual Benchmark Study on Privacy and Security of Healthcare Data,criminal attacks are up 125 percent compared to five years ago. And that’s just in the healthcare sector.

Now more than ever, organizations need a primer on how to protect sensitive data. With cyber crime attacks on the rise, it’s critical to understand what a data breach is, how it differs from a security incident and how to plan a data breach response.

Incident vs. Breach

Think of a security incident as a pesky cold that may sideline you for a couple days, but clears up fairly quickly. It’s any event that violates an organization’s security or privacy policies around sensitive information like Social Security numbers or confidential medical records. This can be anything from a misplaced drive to missing paper files.

A data breach Myrtle Beach, on the other hand, is like the nastiest flu bug ever — a whopper of a virus that will knock you off your feet.  The folks at ID Experts define it as a security incident that meets specific legal definitions per state and federal laws.

Specifically, data breaches require notification to the affected individuals, regulatory agencies, and sometimes credit reporting agencies and media.

 

Call Now

 

Security Incidents Are Status Quo

Security incidents are, sadly, part of the status quo — with 65 percent of healthcare organizations reporting having experienced electronic information-based security incidents over the past two years, according to the Ponemon study.

While not all security incidents escalate into data breaches, there’s a regulatory obligation to complete an incident risk assessment when PHI (protected health information) or PII (personally identifiable information) is compromised.

Responding Effectively

When an incident does escalate into a data breach, a quick and effective response is critical. This requires close collaboration across the company or organization, not just IT. Stakeholders in legal, marketing, public relations, the C-Suite and other functions have to be prepared to own a piece of the incident response and work together in a fairly seamless manner.

The first two, vital steps following a data breach are 1) Quantify the damage; and 2) Determine your response.

To address the first, quantifying damage, it helps to know at any point in time what information requires the most protection, where it’s stored and how it’s protected. At SpartanTec, Inc. we recommend performing periodic cyber threat assessments to develop this understanding.

In respect to step two, determining response, this is essential to managing enterprise risk and can quell fears, especially when the breach is more serious than initially thought, when credit monitoring isn’t enough and when media interest is high.

It requires data breach agility. Organizations with high data breach agility are more likely to have cybersecurity platforms that optimize visibility and the sharing of actionable threat intelligence between prevention and detection tools and across endpoints, data centers and the cloud.

 

This is among the advantages of the security fabric. Based on open APIs, it links together different security sensors and tools to collect real threat data, enabling technology and people to more effectively coordinate and respond to potential threats. Contact SpartanTec, Inc. to learn more.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Some TurboTax Accounts Were Hacked Due To Poor Passwords

Hackers around the world have been busy this year, with Intuit being the latest company to fall victim to data breach.

The TurboTax company recently announced that their network was breached following a series of account takeover attacks, and that as a consequence, an undisclosed number of Turbo Tax customers had their personal data compromised.

The company stressed that this breach was not a consequence of failed network security on their part, but rather, bad password practices in use by some of their customers.

The way an ATO (Account Take Over) attack works is this: A customer is in the habit of using the same password on multiple sites. A hack occurs on another site that the customer uses, and his password there is exposed.

Knowing that many people reuse passwords, hackers attempt to use the passwords they glean from one cybersecurity breach on accounts for other sites, hoping to get lucky. In many cases, they do. That's what happened here.

 

Call Now

 

Although the number of impacted accounts seems disturbingly large, the reality is that Turbo Tax serves over 100 million customers a year. So the impacted accounts represent a tiny fraction of the total. Granted, that's small consolation for those who have had their data compromised, but understanding how it happened and the context of the scope and scale is still important.

Now for the bad news: If your account was compromised, the hackers likely made off with information like your tax returns for prior years, your current tax return, your social security number, date of birth, driver's license number, and a wide range of financial information. Put another way, the hackers now have in their possession, everything they need to steal your identity and/or make your life a living hell. Be careful and check your credit report regularly for the next few months.

 

Call SpartanTec, Inc. now if you need help in boosting your cybersecurity strategy to lower your risk of data breach.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Bose Is Latest Company To Have Employee Data Breached

Bose is the latest in an unending parade of major companies to disclose that they've been the victim of a ransomware attack. In the company's data breach notification letter, they indicated that they first detected the incursion on March 7th, 2021, with the attack itself having occurred on April 29th.

Additionally, as is quite common in these cases, the company indicated that they immediately began working with both law enforcement and a third-party cybersecurity agency to continue the investigation. According to the official notification, Bose did not pay the demanded ransom, and was able to restore their corporate network to full functionality with minimal disruption to the company's business operations.

In terms of scope and scale, the company identified a small number of individuals whose data was impacted and notified everyone who was affected by mail. Based on the forensic analysis, the company determined that the files accessed by the hackers contained personal information related to an unspecified number of current and former employees, including names, social security numbers, salary, and other HR-related information.

 

Call Now

 

In the aftermath of the attack, Bose took the following steps to further bolster their security:

• Enhanced malware/ransomware protection on endpoints and servers to further enhance our protection against future malware/ransomware attacks.
• Performed detailed forensics analysis on impacted server to analyze the impact of the malware/ransomware.
• Blocked the malicious files used during the attack on endpoints to prevent further spread of the malware or data exfiltration attempt.
• Enhanced monitoring and logging to identify any future actions by the threat actor or similar types of attacks.
• Blocked newly identified malicious sites and IPs linked to this threat actor on external firewalls to prevent potential exfiltration.
• Changed passwords for all end-users and privileged users.
• And changed access keys for all service accounts.

The bottom line is, although unfortunate, the company's handling of the incident has been commendable. We just hope that the day comes when there won't be quite so many stories like this one.

 

Call SpartanTec, Inc. now and let our IT support professionals to set up the most effective cybersecurity strategy to keep hackers at bay.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Over 3 Million Affected By Volkswagen Group Data Breach

The Volkswagen Group of America (VWGoA), a subsidiary of the German Volkswagen Group, recently disclosed a large scale data breach that exposed the personal data of more than three million VW customers.

The incident came about because between August of 2019 and May of 2021, one of VWGoA's vendors left unsecured data exposed on the internet.

The company was notified by the vendor that an unauthorized person or persons had accessed the unsecured data and may have obtained customer information for people who had purchased an Audi or Volkswagen during that time, in addition to exposing some details on the dealerships where the vehicles were purchased. A forensic analysis revealed that information belonging to 3.3 million customers was exposed, and that 97 percent of those records related to customers of Audi vehicles or interested buyers.

The information in the vulnerable database varies widely from one customer to the next, but generally includes full names, email addresses and phone numbers, and more than 95 percent of the compromised records also included driver's license numbers.

 

Call Now

 

A small number of exposed customer records, numbering approximately 90,000, also contained social security numbers. For those customers, VWGoA is offering one year of free credit protection and monitoring, and a $1 million insurance policy that protects against identity theft.

VWGoA has also begun the process of notifying all impacted customers. So if you purchased a BMW or Audi during the time frame mentioned above, or if you expressed an interest in doing so, you may be contacted by Vokswagen.

Unfortunately, the database was left exposed for an extended period of time, and there's no telling how many bad actors may have gained access to it. Right now, security professionals are monitoring the Dark Web in case the data begins appearing there. So far, it has not, but that could happen at any time. Companies, whether big or small, should pay close attention to their cybersecurity and data backup plans. Don't wait for a cyberattack to happen before you prioritize these things.

 

Call SpartanTec, Inc. now for more information about our managed IT solutions and data recovery services.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Data Breach Hits McDonalds In US And Other Countries

McDonalds is the latest major corporation to fall victim to a data breach. The fast-food giant does business in more than 100 countries and has nearly 40,000 locations globally with more than 14,000 in the United States alone. Recently, they disclosed that hackers found a way into their network and stole information belonging to both employees and customers in the US, South Korea and Taiwan.

If there's a silver lining in the disclosure, it lies in the fact that McDonalds was able to confirm that no payment information was stolen. Nonetheless, the hackers were able to abscond with a raft of personal information including email addresses, phone numbers, physical addresses and the full names of an as yet undetermined number of customers and employees.

As part of their disclosure, the company said that they were working with law enforcement and a outside data security vendor to conclude the investigation. They included that they were in the process of contacting any customer whose information was compromised by the breach.

 

Call Now

 

So far, their handling of the aftermath of the hack has been exemplary, though that's at least in part because they've had their share of practice. Back in 2017, the company suffered an attack that revealed a cross-site scripting vulnerability that left customer passwords exposed and stored as plain text.

If you live in the US, Korea or Taiwan and are a regular McDonalds customer and have created a login on the company's site or have downloaded the McDonalds app, you may be getting a letter from the company explaining that the information you shared with the company was compromised. The letter should outline the company's next planned steps. Even if you don't get a communication from them, your best bet is to change your McDonalds or app password right away.

 

Call SpartanTec, Inc. now if you need help of IT support professionals in preventing data breaches and other types of online threats by developing effective cybersecurity solutions.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/

Serving: Myrtle Beach, North Myrtle Beach, Columbia, Wilmington, Fayetteville, Florence

Credit Card Data Breach Affects Jewelry, Accessory Store

Claire's Jewelry and Accessories is the latest company to fall victim to hackers.

According to a recent disclosure made by the company, both the retail giant's main website, and the website of their subsidiary, Icing, were compromised.

They were hit by what appears to be a Magecart attack.

The company's disclosure reads in part as follows:

"On Friday, we identified an issue related to our e-commerce platform and took immediate action to investigate and address it. Our investigation identified the unauthorized insertion of code to our e-commerce platform designed to obtain payment card data entered by customers during the checkout process. We removed that code and have taken additional measures to reinforce the security of our platform.

We are working diligently to determine the transactions that were involved so that we can notify those individuals. Cards used in our retail stores were not affected by this issue. We have also notified the payment card networks and law enforcement. It is always advisable for cardholders to monitor their account statements for unauthorized charges.

The payment card network rules generally provide that cardholders are not responsible for unauthorized charges that are timely reported. We regret that this occurred and apologize to our customers for any inconvenience caused"

The attack apparently came just one day after the retailer closed down all of their brick and mortar shops worldwide as a result of the COVID-19 pandemic. Based on the investigation to this point, the hackers were actively trying to steal customer credit card data between April 30th and June 13th, 2020.

If you or any member of your family has made a purchase on either the Claire's website or their subsidiary site Icing, be aware that your payment card information may have been compromised. Be sure to alert your credit card issuing company right away, and be on the alert for any suspicious charges that may appear on the card or cards used to make those purchases.

 

Call SpartanTec, Inc. today and let us help you set up the most effective cybersecurity measures to protect your business against potential data breaches.

 

SpartanTec, Inc.
Myrtle Beach, SC 29577
(843) 420-9760
https://www.spartantec.com/