Major U.S. multinational labeling and packaging solutions manufacturer Avery Products Corporation had information from 61,193 customers stolen following a ransomware attack against some of its systems early last month, BleepingComputer reports.
Investigation into the incident revealed that Avery's website had been compromised with a credit card skimmer that enabled the exfiltration of individuals' names, billing and shipping addresses, phone numbers, email addresses, payment card details, and purchase amounts inputted in the website between July 18 and December 9, said the firm in a data breach notification filed with the Office of the Maine Attorney General. "We do not know if fraudulent charges are related to our website incident, but it now appears possible that payment card (and other) information may have been acquired as we received two emails from customers who indicated that they incurred a fraudulent charge and/or phishing email," said Avery in the notice, which also noted a year's worth of complimentary credit monitoring services for people affected by the incident.