Individuals register on the Organization?s website to receive emails about consumer product, service or event information for a particular geographic location. On April 12, 2013, the Organization became aware that an unauthorized intruder had used compromised credentials to hack into and extract information from the Organization?s servers. The compromised servers contained the above personal information, in addition to other information about terms of agreement, last preferred city, referral source, account information (last update and creation date) and default ID for credit card (not actual credit card number or information). According to audit logs, unauthorized access occurred between April 2 and 12, 2013. Individual information, including the personal information described above, appears to have been accessed and extracted from the servers sometime after April 10, 2013. Investigation into the cause of the incident is continuing.
P2013-ND-31
File Type:
pdf
File Size:
197 KB
Categories:
2013