Massachusetts-based automotive parts seller ID Parts is notifying roughly 12,000 individuals that malicious code was inserted into the functions that process customer payment information on the ID Parts website, and their credit card information was stolen.

How many victims? Roughly 12,000.

What type of personal information? Credit card numbers, expiration dates, and CVV/CVV2 security codes.

What happened? Malicious code was inserted into the functions that process customer payment information on the ID Parts website, and customer credit card information was stolen. The information was then emailed to an unknown third party.

What was the response? The malicious code was immediately disabled upon discovery, and was isolated in a development environment for investigation and testing. ID Parts conducted a server-wide search of related code and did not identify any additional instances of malicious code. ID Parts changed the passwords on all system accounts associated with its domain, and is reviewing data security policies and procedures. All impacted individuals are being notified.

Read the Full Article: Source – SC Magazine
http://www.scmagazine.com/malicious-code-on-id-parts-website-credit-card-data-of-12k-customers-stolen/article/391592/

source not found