North Carolina-based consumer electronics company Mohu – an unincorporated division of GreenWave Scientific, Inc. – is notifying approximately 2,500 customers that credit card information and other data was compromised during an attack on the www.gomohu.com website.
How many victims? Approximately 2,500.
What type of personal information? Names, addresses, email addresses, phone numbers, credit card numbers, expiration dates and CVV codes.
What happened? An attacker penetrated Mohu's security systems, inserted malicious code into Mohu's computer systems, and removed the personal information.
What was the response? Mohu is conducting a review of potentially affected computers systems. Mohu has implemented additional security measures to prevent a similar attack and to protect the privacy of customers. All affected individuals are being notified, and offered a free year of credit monitoring services.
Details: Mohu detected and removed the malicious code from its systems on July 28. Mohu's computer systems were compromised between June 3 and July 28. At least one Twitter user reported fraudulent use of their credit card that seems to be a result of the attack.
Quote: “Mohu has hired two security consulting firms to review and make recommendations for further improving Mohu's electronic security measures,” a notification letter sent to the Office of the New Hampshire Attorney General said.
Source: doj.nh.gov, “Report of Breach of Security,” Aug. 10, 2015.