Hair products company Ouidad recently began notifying an undisclosed number of customers that their personal information may have been accessed by hackers between June 30 and July 4, 2013.
According to the notification letter [PDF], the company only recently learned of the breach. "Based on our ongoing review, we believe that the attackers gained access to the Ouidad customer database, compromising your Ouidad account information," the letter states.
The information potentially exposed includes customers' full names, credit card numbers, credit card security codes and expiration dates, billing addresses, e-mail addresses and phone numbers, and in some cases, their user names and passwords.
"Upon learning of this incident, we immediately engaged leading security experts and have already implemented changes designed to protect your information from any further unauthorized access," the notification letter [PDF] states.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
The company has reset the passwords of all those whose passwords were accessed, and is advising all recipients of the notification letter to review their credit card statements and credit reports. Additionally, Ouidad is offering all those affected one free year of Equifax Credit Watch Gold with Web Detect identity theft protection.