BevMo leaks credit card data (including CVVs) of 15,000 customers

American alcohol retailer BevMo has suffered a breach that leaked credit card data, including security codes, belonging to 15,000 customers.

A privately-held corporation based in Concord, California, BevMo sells mostly alcoholic beverages. The company was founded in January 1994 as Beverages & More and was re-branded as BevMo in January 2001. As of 2013, the company operates 148 stores.

California attorney general’s office received a notice from BevMo this week that someone planted malware on its checkout page, the Associated Press reports. The code was designed to steal customers’ names, credit and debit card numbers, expiration dates, CVV codes (the three-digit security code used to confirm transactions), billing addresses, shipping addresses and phone numbers.

NCR Corporation, the service provider that operates BevMo’s website, removed the malware soon after it learned of the breach. However, the personal and financial information of some 15,000 customers is reportedly already in the wrong hands. NCR is now collaborating with a third-party forensic firm to assist in further investigation. BevMo, for its part, has been in contact with law enforcement and credit card companies, and is conducting its own investigation into the breach.

According to Tamara Pattison, BevMo’s Chief Marketing and Information Officer, if you’ve placed an order with BevMo between August 2 and September 26 you might be one of the 15,000 customers whose data was stolen by hackers. In such a case, you can contact a company official at (877) 565-6276.

 



*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Filip Truta. Read the original post at: https://hotforsecurity.bitdefender.com/blog/bevmo-leaks-credit-card-data-including-cvvs-of-15000-customers-20685.html