STORAGE MAKER Lacie has revealed a security breach affecting visitors to its website, who might have had their credit card details swiped.
A hacker repeatedly exploited a flaw in the Lacie website, using malware to gain access to customer details. The incident only came to light when the US Federal Bureau of Investigation (FBI) contacted Lacie on 19 March.
Anyone who made a credit card purchase on the Lacie website between 27 March 2013 and 10 March 2014 appears to have had their personal information compromised, including names, addresses, email accounts and payment card details.
Lacie has reset all passwords for the website, as these are likely to have been accessed too. The company is in the process of contacting affected customers by email.
In a statement, the company advised, "If you see a fraudulent charge on your card, please immediately contact the bank that issued your card. Major credit card companies typically guarantee cardholders will not be responsible for fraudulent charges. Please be on the lookout and review your account statements for any unauthorized activity."
The company, which was bought by Seagate last year, recently announced what it claims to be the world's fastest portable hard drive, aimed at the 4K video market. With a price of over £1,000, this level of spending potential might have been what attracted hackers to target Lacie specifically.
A "leading forensic investigation firm" is attempting to track down the cuprit, while Lacie is working on better security measures. In the meantime, the shopping part of the website has been disabled. µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted