Precious Metal Retailer Payment Information Breach

From Privacy Wiki
Jump to navigation Jump to search
Precious Metal Retailer Payment Information Breach
Short Title Online Gold and Silver Retailer JM Bullion Security Incident
Location United States
Date October 2020

Taxonomy Insecurity, Interrogation
Information Identifying, Location, Contact, Transactional, Account
Threat Actors JM Bullion, Unidentified hackers

Individuals
Affected JM Bullion users
High Risk Groups
Secondary Consequences

Texas based online retailer of gold and silver products experienced a security incident, where hackers were able to gain access to shoppers’ personal and financial information for nearly 5 months.

Description

In October 2020 JM Bullion, an online retailer of gold and silver products experienced a security incident exposing shoppers’ personal and financial information. JM Bullion’s website was hijacked in February. Hackers managed to inject malicious code into the retailers’ e-commerce page, stealing customers’ names, physical addresses and payment card information, such as account numbers, card expiration dates and security codes.

The incident is an example of Insecurity from the side of retailer. The actions of hackers can be interpreted as Interrogation.

The Texas-based company gave no further details on how the attack took place or the number of people affected.

Breakdown

Threat: Online retailer being not careful about protecting users information from unauthorised access
At-Risk group: Retailer’s customers
Harm: Insecurity
Secondary Consequences:not known

Threat: Hackers probing a website for personal information of its users
At-Risk group:Retailer’s users
Harm: Interrogation
Secondary Consequences: not known

Risk Statistics

Laws and Regulations

Sources

https://hotforsecurity.bitdefender.com/blog/online-precious-metal-retailer-warns-customers-of-payment-info-breach-24464.html