Cybercrime

Smucker’s Shutters Online Store After Breach

Long time condiment maker Smucker’s was forced to shut down its online store after hackers breached the site and obtained customer and payment card information.

Mike Lennon

March 5, 2014

Long time condiment maker Smucker’s was forced to shut down its online store after hackers breached the site and obtained customer and payment card information.

“We deeply regret that an incident resulting in the illegal and unauthorized access to data files within our Online Store occurred,” Richard Smucker, Chief Executive Officer at Smucker’s wrote in a message to customers.

“Unfortunately, we believe the unauthorized user may have obtained access to the personal information of some of our consumers, including name, address, email address, phone, credit or debit card number, expiration date, and verification code,” Smucker wrote. “The unauthorized user utilized a sophisticated scheme to illegally obtain this personal information as it was being entered during the online checkout process.

The company did not say how many individuals or payment card numbers were compromised.

According to Brian Krebs, Smucker’s was one of several dozen firms hacked last year by the same criminal gang that breached some of the biggest data brokers.

Smucker said the company will continue to investigate the breach with federal authorities, and has taken steps to rectify the cause of the incident with its online store.

Brian Krebs has more interesting details on the incident in this blog post.

*Updated

Advertisement. Scroll to continue reading.

Written By Mike Lennon

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Latest News

Click to comment

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

You Against the World: The Offenders Dilemma

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. (Tom Eston)

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. (Marc Solomon)

Know Your Audience When Speaking to Security Practitioners

How can security practitioners make sense of the vendor landscape and separate those who talk a good game from those who can execute, perform, and solve real problems for enterprises? (Joshua Goldfarb)

Cybersecurity Mesh: Overcoming Data Security Overload

A significant cybersecurity challenge arises from managing the immense volume of data generated by numerous IT security tools, leading organizations into a reactive rather than proactive approach. (Torsten George)

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

The OODA Loop can be used both by defenders and incident responders for a variety of use cases such as threat assessment, threat monitoring, and threat hunting. (Etay Maor)

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Eduard KovacsOctober 1, 2019