Exploit: Unauthorized Database Access
Made in Oregon: Specialty Gift Retailer
Risk to Small Business: 1.669 = Severe
Customers of gift retailer Made in Oregon got a little something extra when they purchased their treats – a side order of fraud. For more than 6 months, cybercriminals gained access to its e-commerce site, stealing payment information for transactions that occurred between the first week of February 2020 and the last week of August 2020.
Individual Risk: 1.669 = Severe
Customers who made an online purchase from Made in Oregon may have had their name, billing address, shipping address, email address, and credit card information compromised. The company has sent out notices to people who could be impacted, warning of identity theft and spear phishing dangers.
Customers Impacted: 7,800
How it Could Affect Your Customers’ Business: Information that is stolen in incidents like this often ends up on the Dark Web in a data dump or information market where it powers cybercrime for years to come.
Source:
https://www.infosecurity-magazine.com/news/oregon-retailer-suffers-sustained