Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Click2Mail Informs Users of Data Breach

United States Postal Service (USPS) affiliate Click2Mail.com has started sending out notices to some of its users about a data breach that impacted their personal information.

United States Postal Service (USPS) affiliate Click2Mail.com has started sending out notices to some of its users about a data breach that impacted their personal information.

Click2Mail allows customers to create, personalize, and proof mailpieces, as well as to acquire, build, and manage mailing lists. With the help of Click2Mail’s web browser-based tools, users do not need to manually handle postage or transport to a post office.

The security incident was discovered on October 4, 2019, and the intrusion was closed on the same day. However, the attackers were in the system long enough to exfiltrate a great deal of information on registered Click2Mail users.

In the notification sent to their users, Click2Mail specifies that personal information the attackers may have compromised includes name, organization name, account mailing address, email address, and phone number.

“On October 4th, 2019 it was discovered that registered Click2Mail users’ names and email addresses were being used by unknown parties to send multiple spam emails. Technical analysis of our systems detected an intrusion point that was closed that same day,” the message reads.

The notification, which Click2Mail has shared with SecurityWeek via email, also points out that the service does not store credit card data on its systems.

Click2Mail has retained a cyber-security firm to investigate the data breach and the organization’s IT systems and security protocols.

“Our goal is to assure that our systems are as secure as possible to protect your personal information and mailing data. As always, we recommend you do not respond to any suspicious emails or click on any active links contained in messages sent by unknown senders,” Click2Mail told users.

Advertisement. Scroll to continue reading.

Click2Mail also informed SecurityWeek that, while they have no additional details to share on the data breach at the moment, they continue to investigate the incident.

Just over 200,000 users are expected to receive the notification.

Related: 562,000 Impacted in XKCD Forum Data Breach

Related: Security Firm: Data Breach Exposes Millions of Ecuadorians

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.