Breach, Threat Management, Data Security, Vulnerability Management

Hacker battles encryption, nabs card info from online retailer

Smartphone Experts, a Florida-based online retailer of smartphone accessories, was the victim of a hack in July that compromised customer card information.

How many victims? Unknown.

What type of personal information? Names, addresses, credit or debit card account numbers, CVV code and the card expiration dates. 

What happened? A hacker gained access into the computer system Smartphone Experts used to process online payments. 

What was the response? Measures were immediately taken to prevent further unauthorized access. Smartphone Experts hired data security firm to begin an investigation. The online retailer is working with card companies to protect cardholders and a letter was mailed to potentially affected customers.

Details: A hacker penetrated the payment processing computer system on July 12 and letters were mailed to customers on Aug. 6. Card information is encrypted when it is stored in the system, but the investigation revealed the hacker may have used a decryption feature in the system to view the saved details.

Quote: “Out of an abundance of caution, we are notifying you of the incident you so you can take steps to protect your card from any attempted misuse,” said Diana Kingree, Smartphone Experts senior vice president. “We recommend you remain vigilant to the possibility of unauthorized charges on your card by reviewing your account statements.”

Source: oag.ca.gov, “Submitted breach notification sample,” Aug. 7, 2013.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.