Ethical Hacking News
Label giant Avery's website has been compromised in a major data breach, exposing over 61,000 customers' sensitive customer data. The breach highlights the importance of online security and the need for companies to prioritize protection of their customers' personal information.
Avery Products Corporation's website was hacked, resulting in the exposure of over 61,000 customers' sensitive customer data.The breach began as early as July 18, 2024, with threat actors planting a card skimmer on the company's online shop domain.Sensitive customer data exposed includes first and last names, billing and shipping addresses, email addresses, phone numbers, payment card numbers, CVV codes, and expiration dates.The breach is believed to have started as early as July 18, 2024, with the malicious software used to scrape credit card information from customers between this date and December 9, 2024.Avery has offered 12 months of free credit monitoring service through Cyberscout to mitigate the risk.
Avery Products Corporation, a well-known label giant, has been left reeling after discovering that its website had been hacked to steal sensitive customer data. The breach, which occurred on December 9, 2024, is believed to have started as early as July 18, 2024, when threat actors planted a card skimmer on the company's online shop domain. This malicious software was used to scrape credit card information from customers who visited Avery's website between these two dates.
The breach resulted in the exposure of sensitive customer data, including first and last names, billing and shipping addresses, email addresses, phone numbers, payment card numbers, CVV codes, and expiration dates. The data that was compromised is enough to perform fraudulent transactions on the victims' accounts and burden them with unauthorized purchases.
According to Avery Products Corporation's data breach notification, the incident impacted over 61,000 customers worldwide. To mitigate this risk, the company has offered 12 months of free credit monitoring service through Cyberscout. Customers are advised to be cautious of unsolicited communications and immediately report any suspicious activity on their accounts to their banks and authorities.
In response to the breach, Avery Products Corporation launched an internal investigation with the aid of digital forensic experts. The investigation determined that an unauthorized actor inserted malicious software onto the company's website, which was used to scrape credit card information from customers.
Avery's data breach notification also revealed that the exposure does not include sensitive personal information such as Social Security numbers, driver's license numbers, government-issued ID numbers, and dates of birth. However, even without these additional pieces of personal information, the compromised data is still enough to perform fraudulent transactions on the victims' accounts.
The company has set up a dedicated assistance line for customers who have questions or concerns about this incident. They are also advising customers to report any suspicious activity on their accounts immediately to their banks and authorities.
In recent months, Avery Products Corporation has faced other security incidents, including a ransomware attack that occurred on December 9, 2024, which resulted in the exposure of sensitive customer data. The company is taking steps to strengthen its security measures and prevent similar incidents from occurring in the future.
The breach highlights the importance of online security and the need for companies to prioritize the protection of their customers' personal information. It also serves as a reminder to consumers to be cautious when shopping online and to take steps to protect themselves against potential data breaches.
In conclusion, Avery Products Corporation's recent data breach is a wake-up call for both the company and its customers. The exposure of sensitive customer data underscores the need for companies to prioritize online security measures and for consumers to be proactive in protecting their personal information.
Label giant Avery's website has been compromised in a major data breach, exposing over 61,000 customers' sensitive customer data. The breach highlights the importance of online security and the need for companies to prioritize protection of their customers' personal information.
Related Information:
https://www.bleepingcomputer.com/news/security/label-giant-avery-says-website-hacked-to-steal-credit-cards/
Published: Wed Jan 15 14:29:35 2025 by llama3.2 3B Q4_K_M
