Sacramento-based ground(ctrl), which builds social networking sites and other services for musicians, recently began notifying an undisclosed number of users that their personal information may have been exposed when the company's network was hacked.
"Upon learning of the access, we worked to block any further unauthorized access and engaged a leading forensic investigation firm to determine what occurred and assist us in implementing enhanced security measures," company CEO Eddie Meehan wrote in the notification e-mail [PDF].
The investigation found that the unidentified hacker or hackers may have been able to view users' e-mail addresses, passwords, and the last four digits and expiration dates of their credit cards.
"Although we do not store passwords in plain text, we believe the unauthorized person has the ability to conver them to plain text," Meehan wrote.
All users are being advised to change their account passwords, and to do the same on any other sites where they use the same login credentials.
Users with questions are advised to contact ground(ctrl) customer support at (877) 463-2875. While the notification e-mail states that "FAQs and Additional Helpful Information" are available at groundctrl.com/security_faq, the link currently leads to a blank page.