Payment cards targeted in attack on pet supplies website
Tennessee-based ValuePetSupplies.com is notifying several thousand customers that unauthorized persons accessed its servers and installed malicious files to capture personal information – including payment card data – entered into its website.
How many victims? Several thousand customers.
What type of personal information? Names, addresses, email addresses, phone numbers, account passwords, credit or debit card numbers, card value verifications (CVV), and expiration dates.
What happened? Unauthorized persons accessed the ValuePetSupplies.com servers and installed malicious files to capture personal information entered into the website.
What was the response? The malicious files have been removed, and additional steps have been taken to secure the system against future breaches. All affected individuals are being notified.
Details: The breach is believed to have occurred from Nov. 25, 2014, to Dec. 29, 2014.
Quote: “Although we have no knowledge that your personal information was accessed from the malicious files, it is important that we notify you and provide you with specific information [enclosed] to help protect your financial and other personal records,” Zachary Piech, president of ValuePetSupplies.com, wrote in the notification letter.
Source: oag.ca.gov, “Sample Breach Notification Letter,” Jan. 14, 2015; a Thursday email correspondence with Piech.