The French computer hardware company LaCie announced this week that they had fallen victim to a “major security breach that put sensitive customer information at risk for nearly a year“, according to an article published on the PC World Magazine website. Lacie cannot confirm “what information has been compromised” but, according to the article, they say that the data may include “customer names, email addresses, credit card numbers, and card expiration dates” – enough private information to cause some serious trouble.
The breach came after a “malware intrusion” which, according to the report, could have possibly allowed the invaders to successfully retrieve information from Lacie’s “online storefront” between “March 27, 2013 and March 10, 2014“. Entering this environment with the specific level of access they obtained, these attackers may have been able to steal “everything a malicious attacker would need to post fraudulent charges to a LaCie customer’s credit card“, according to the article. The report goes on to confirm that, “LaCie has disabled its e-commerce site as a precaution and will reboot the online storefront after moving to a secure payment processing service.”
The article indicated that the company “did not mention how the intrusion happened” but is in process of “resetting every user’s password” as a precautionary step since they are not certain if this was actually compromised. The company recently announced that consumers who purchased their products “directly from LaCie between March 2013 and March 2014” should review “credit card statements for any fraudulent charges.” for their customers to “keep an eye on their credit reports“, according to the report.