Direct Marketing Association data breach

Oh, look. The Direct Marketing Association had a data breach.

In a notification template they submitted to the Maryland Attorney General’s Office on January 8, 2015, they write that the incident involved their online bookstore (and only that section of their website). Investigation determined that malware had been inserted on the server, which was maintained for them by an unnamed third party.

The malicious software may have placed credit and debit card data at risk of compromise, including names printed on the credit or debit cards, credit or debit card numbers, the security code, and card expiration dates.

The DMA offered those affected credit monitoring services for one year at no cost to the consumers.

The notification to consumers does not indicate the timeframe during which the malware may have exfiltrated customer payment card data, and this notification did not appear on California’s, Vermont’s, or New Hampshire’s websites.

Des Moines Man Charged with Computer Fraud
CrowdStrike catches insider feeding information to ScatteredLapsus$Hunters
Two suspected Scattered Spider hackers plead not guilty over Transport for London cyberattack
Attleboro investigating ‘cybersecurity incident' impacting city's IT systems
Fired techie admits sabotaging ex-employer, causing $862K in damage
Threat actors have reportedly launched yet another campaign involving an application connected to Salesforce

Related: