Direct Marketing Association data breach

Oh, look. The Direct Marketing Association had a data breach.

In a notification template they submitted to the Maryland Attorney General’s Office on January 8, 2015, they write that the incident involved their online bookstore (and only that section of their website). Investigation determined that malware had been inserted on the server, which was maintained for them by an unnamed third party.

The malicious software may have placed credit and debit card data at risk of compromise, including names printed on the credit or debit cards, credit or debit card numbers, the security code, and card expiration dates.

The DMA offered those affected credit monitoring services for one year at no cost to the consumers.

The notification to consumers does not indicate the timeframe during which the malware may have exfiltrated customer payment card data, and this notification did not appear on California’s, Vermont’s, or New Hampshire’s websites.

Protected health information of 462,000 members of Blue Cross Blue Shield of Montana involved in Conduent data breach
TX: Kaufman County Faces Cybersecurity Attack: Courthouse Computer Operations Disrupted
Hotel and Casino near Las Vegas Strip suffers data breach, documents say
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
JFL Lost Up to $800,000 Weekly After Cyberattack, CEO Says No Patient or Staff Data Was Compromised
A business's cyber insurance policy included ransom coverage, but when they needed it, the insurer refused to pay. Why?

Related: