Precious Metal Retailer Payment Information Breach
| Precious Metal Retailer Payment Information Breach | |
|---|---|
| Short Title | Online Gold and Silver Retailer JM Bullion Security Incident |
| Location | United States |
| Date | October 2020 |
| Solove Harm | Insecurity, Interrogation |
| Information | Identifying, Location, Contact, Transactional, Account |
| Threat Actors | JM Bullion, Unidentified hackers |
| Individuals | |
| Affected | JM Bullion users |
| High Risk Groups | |
| Tangible Harms | |
Texas based online retailer of gold and silver products experienced a security incident, where hackers were able to gain access to shoppers’ personal and financial information for nearly 5 months.
Description
In October 2020 JM Bullion, an online retailer of gold and silver products experienced a security incident exposing shoppers’ personal and financial information. JM Bullion’s website was hijacked in February. Hackers managed to inject malicious code into the retailers’ e-commerce page, stealing customers’ names, physical addresses and payment card information, such as account numbers, card expiration dates and security codes.
The incident is an example of Insecurity from the side of retailer. The actions of hackers can be interpreted as Interrogation.
The Texas-based company gave no further details on how the attack took place or the number of people affected.
Breakdown
Threat: Online retailer being not careful about protecting users information from unauthorised access
At-Risk group: Retailer’s customers
Harm: Insecurity
Secondary Consequences:not known
Threat: Hackers probing a website for personal information of its users
At-Risk group:Retailer’s users
Harm: Interrogation
Secondary Consequences: not known