About 50K transactions, other data, compromised in three-month breach

Share this article:

Arizona-based Gingerbread Shed Corporation is notifying customers that an unauthorized individual gained access to its systems for roughly three months and may have compromised about 50,000 transactions, as well as other data.

How many victims? About 50,000 transactions, a spokesperson told SCMagazine.com in an email correspondence.

What type of personal information? Names, addresses, phone numbers, email addresses, payment card information and usernames and passwords for website accounts.

What happened? For roughly three months, an unauthorized individual gained access to Gingerbread Shed's systems and could have compromised about 50,000 transactions, as well as other customer data.

What was the response? Gingerbread Shed began a forensic investigation and notified law enforcement officials. Gingerbread Shed has taken security measures to prevent similar attacks. All impacted individuals are being notified.

Details: Gingerbread Shed learned in April that an unauthorized individual had access to its systems from late November 2013 to mid-February.

Source: oag.ca.gov, “Sample Consumer Notification,” May 5, 2014.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.