My Freedom Smokes Website Burnt by Malware

Posted on

The nefarious, encrypted strings were discovered on March 16, 2015, but following an investigation into the incident the administrators determined that the initial date of the breach may go as far back as February 11.

Payment card information may be at risk

Once the unauthorized code was discovered, the admins proceeded to removing it and strengthening the security measures on the website for increased protection of the data stored.

The security improvement efforts were assisted by a specialized company. As part of this process, My Freedom Smokes changed the method for taking online orders, although it had already relied on encrypted communication with the clients and the card processor gateway machine was encrypted during the breach period.

My Freedom Smokes Website Burnt by Malware
My Freedom Smokes Website Burnt by Malware

According to a notification from the company, the financial information that may have been grabbed by the attacker includes names, physical addresses, email addresses, telephone numbers, credit card numbers, expiration dates and the card verification value (CVV) code.

Basically, all the data needed for placing an order on the website (or on any other online store) during the aforementioned period may have been exposed.

Customers incurred fraudulent charges

The company informs that the payment card numbers it stores are only partial and that CVVs are not saved on its infrastructure.

Some of the My Freedom Smokes customers have reported fraudulent charges on their payment cards during the breach period. However, it is unclear if the illegal activity was due to the compromise of this retailer or a different one.

Unlike in the case of other data breach incidents, My Freedom Smokes does not offer complimentary subscription to an identity protection service; this step is not mandatory, though.

On the other hand, it provides tips on keeping safe from malicious activity and recommends reviewing the bank account statements for irregular transactions.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s