SAN FRANCISCO (CBS SF) — Thousands of customers’ credit card data was compromised during a data breach of BevMo’s website, according to a notice filed to the California Attorney General’s Office.
According to Tamara Pattison, Chief Marketing and Information Officer for the Concord-based alcohol retailer, the amount of customers affected by the breach is close to 15,000.
An investigation by NCR Corporation, the service provider that operates BevMo’s website, found that an unauthorized individual gained access to the site and installed “malicious code” on the checkout page.
BevMo said that the code was designed to capture payment information from any orders placed between August 2 and September 26.
The code captured customers’ names, credit or debit card numbers, expiration dates, CVV2 codes, billing addresses, shipping addresses and phone numbers.
BevMo said that NCR Corporation removed the code and collaborated with a third-party forensic firm to assist in further investigation. BevMo has also been conducting their own investigation and has been in contact with law enforcement and credit card companies.
If you’d like more information from BevMo about the breach, Pattison says to contact an official at (877) 565-6276.