Nearly 1,400 customers' names, mailing addresses, e-mail addresses, credit and debit card numbers, expiration dates and CVV codes were accessed.
Promotional marketing company Shumsky recently notified its customers that its e-commerce platform was breached on May 14, 2013. The company's e-commerce platform provider apparently patched the vulnerability on May 15, and informed Shumsky of the breach on May 16.
According to the notification letter [PDF file], nearly 1,400 Shumsky customers' records were accessed, exposing information including names, mailing addresses, e-mail addresses, credit and debit card numbers, expiration dates and CVV codes.
"Shumsky regrets this incident, has immediately engaged with technical and legal advisors to work through the situation, and put in place updated measures to prevent this from happening again," Shumsky president Anita Emoff wrote in the letter. "Shumsky is also working with the payment card brands concerning the specific payment cards at issue in this incident."
Customers with questions are advised to visit www.shumsky.com/cardinfo.html or call (800) 414-8946.