P2013-ND-14

Crafts Americana Group, Inc.

On January 25, 2013, a payment processor notified the Organization about a number of unauthorized transactions involving Organization customers. The Organization investigated and discovered an unauthorized file on one of its servers. The file contained the personal information of customers who had purchased merchandise through 3 of the Organization?s websites. Credit card numbers in the file were matched to unauthorized transactions reported to the Organization. The Organization determined that an unauthorized individual(s) exploited a software vulnerability to access the server and create the file.

File Type: pdf
Categories: 2013
Tags: Unauthorized access