Malware Exposes Boomerang Tags Customers' Payment Card Data
Customers' names, addresses, payment card numbers, expiration dates and security codes were exposed.
Pet tag manufacturer Boomerang Tags recently began notifying an undisclosed number of customers that their personal information may have been exposed when malware was installed on the server used to host the company's Web site.
The company believes the malware compromised the payment card data (including name, addresses, payment card number, expiration date and security code) of customers who made purchases on the Web site between July 4, 2013 and February 18, 2014.
"Keeping your personal information secure is of the utmost importance to us, and we took steps to address and contain the incident the same day it was discovered," Boomerang Tags owner Don Carrick wrote in the notification letter [PDF]. "We also promptly engaged a computer forensic investigator to perform an investigation, and we have already taken measures designed to prevent this from happening again [in] the future, such as replacing our old payment processor and designing an entirely new Web site with additional security features that will be launched in the near future."
While no credit protection services are being offered to those affected, all recipients of the notification letter are being advised to monitor their credit reports and credit and debit card statements for unusual activity.
Photo courtesy of Shutterstock.