Retailer LaCie Confirms Breach
Customer Transaction Data Compromised for Nearly a YearComputer hardware retailer LaCie is notifying its customers about a website breach involving payment card data that went on for almost a year.
See Also: Effective Communication Is Key to Successful Cybersecurity
On March 19, the Federal Bureau of Investigation informed LaCie that it found indications that an unauthorized person used malware to gain access to information from customer transactions that were made through LaCie's website, according to a company statement.
Transactions made between March 27, 2013 and March 10, 2014 were affected, LaCie says. Information potentially compromised includes customer names, addresses, e-mail addresses, payment card numbers and card expiration dates. The company says LaCie website usernames and passwords also may have been accessed, which is why it's requiring a reset of all passwords.
"We have hired a leading forensic investigation firm, who is conducting a thorough investigation, and assisting us in implementing additional security measures," LaCie says. "As a precaution, we have temporarily disabled the e-commerce portion of the LaCie website while we transition to a provider that specializes in secure payment processing services. We will resume accepting online orders once we have completed the transition."
A spokesman for LaCie declined to comment about the investigation. "For the time being we cannot go into any further detail due to the nature of our current investigations," he says. "We will make more information available upon conclusion of our in-depth forensic investigations."
In another recent breach involving a retailer's website, the food company Smucker's notified 23,000 of its online customers that their payment information was compromised following unauthorized access into its systems.