Breach, Data Security

Grill parts website experiences system intrusion, payment card breach

Share

Florida-based Barbecue Renew – which sells grill parts through its website www.grillparts.com – is notifying an undisclosed number of individuals that their payment card data may have been compromised as a result of a series of cyber attacks on its web server.

How many victims? Undisclosed. Barbecue Renew did not immediately return a SCMagazine.com request for the information.

What type of personal information? Names, addresses, payment card numbers, expiration dates, and security codes. 

What happened? Barbecue Renew received common point of purchase (CPP) notifications informing the company of three instances of suspicious and potentially fraudulent activity originating from payment cards used on the www.grillparts.com website.

What was the response? Barbecue Renew fixed the vulnerability that was suspected of having been exploited by attackers by either removing or fixing vulnerable web pages. An investigation is ongoing. All impacted individuals are being notified, and offered a free year of identity theft protection services.

Details: From January 2014 to October 2014, cardholder data was exposed on three separate occasions for various lengths of time due to a cyber attack against Barbecue Renew's web server. Barbecue Renew received a CPP notification in October 2014 regarding at least two incidents of suspicious and potentially fraudulent activity. The vulnerability that was suspected of having been exploited by attackers was addressed by Oct. 21, 2014. Barbecue Renew received another CPP notification on Nov. 12, 2014, regarding a third instance of suspicious and potentially fraudulent activity.

Quote: “We are working with leading IT security firms, data privacy and protection attorneys, law enforcement and payment industry contacts to continue to address this incident,” according to a notification letter. “Additionally, we are devoting all necessary resources to our ongoing efforts to enhance our information security policies and procedures in light of this incident to minimize the risk of such incidents in the future.”

Source: oag.ca.gov, “Barbecue Renew Consumer Notification Sample,” Jan. 16, 2015; oag.ca.gov, “Barbecue Renew FAQs,” Jan. 16, 2015.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.