Vermont's Shelburne Country Store recently began notifying an undisclosed number of online customers that their credit card information may have been exposed when the store's payment processing system was breached between November 13, 2013 and Janury 6, 2014.
All customers who made an online purchase during that time period are being notified of the breach, which was discovered on January 9, 2014.
Information potentially exposed includes customer names, addresses, credit or debit card numbers, expiration dates and verification codes.
"We are extremely disappointed that this happened and sincerely apologize for any inconvenience this may cause," store owners Steve and Deb Mayfield wrote in the notification letter [PDF]. "Please be assured, we are working with Federal and State authorities to thoroughly investigate this matter in the hopes of stopping the criminals from committing these crimes again."
All those affected are being offered one free year of identity protection services from AllClear ID.
"It's a small Web site," Steve Mayfield told idRADAR. "It's a small store. Unfortunately, the hackers are more well versed in this type of thing than we are. It's tough to keep pace."
Photo courtesy of Shutterstock.