Cyberswim, Inc. is notifying an undisclosed number of customers that unauthorized individuals or entities installed malicious software on the computer server hosting its website and may have compromised their personal information, including payment card data.
How many victims? Undisclosed.
What type of personal information? Names, addresses, website usernames and passwords, payment card account numbers, card expiration dates, and payment card security codes.
What happened? Malicious software was installed on the computer server hosting the Cyberswim, Inc. website and may have compromised the personal information.
What was the response? Measures were taken to prevent this incident from happening again in the future, such as initiating a password reset process and updating the code used to run the website and systems used to detect malicious software. All impacted individuals are being notified.
Details: Malicious software was confirmed to be installed on Sept. 24 and may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.
Source: oag.ca.gov, “Sample Notice Letter (Cyberswim),” Oct. 14, 2014.