P2017-ND-162

The Organization previously notified customers that an unknown third party compromised the Organization?s e-commerce website and may have been able to access customer payment card information during the period from October 26, 2016 to May 30, 2017 and August 28, 2017 through September 5, 2017. The previous notifications were based on findings from security firms and a report from a Payment Card Forensic Investigator (“PFI”) engaged by the Organization.

In mid-October 2017, the investigation found that payment card information used on the e-commerce website may have been compromised during a longer period of time than initially determined and reported; specifically, during the period from October 26, 2016 through October 13, 2017 and October 15-19, 2017.

The Organization reported the incident(s) were discovered as a result of ?working with computer security firms.?

File Type: pdf
File Size: 332 KB
Categories: 2017