American Labelmark Company (dba Labelmaster) recently reported an intrusion involving their e-commerce site (labelmaster.com) that affected customers’ names, addresses, and credit card numbers and expiration dates.
In a letter dated October 17 to the New Hampshire Attorney General’s Office, Dwight Curtis reported that on September 12, TrustWave confirmed that they had suffered a breach involving transactions that occurred between May 18 and August 2. Labelmaster does not store credit card data, but the data were accessed while in temporary storage to process transactions. No CVV codes were involved.
Somewhat curiously (to me, anyway), the dates of compromised transactions are almost identical to what was reported by Bob Ward & Sons for their e-commerce site, but Chicago-based Labelmaster does not report how and when they first learned of the breach nor when the site was first compromised. They do report, however, that – unlike Bob Ward & Sons – they had no indication of fraudulent use of customers’ credit card information.
And no, I don’t see any notice on their web site about the breach.