14 DAY TRIAL // Smartphone accessories online retailer Smartphone Experts has started notifying customers of a data breach. The breach was discovered on July 12, 2013, but the hackers had access to the company’s systems since April 25, 2012.
Forensic investigators have been called in to analyze the incident.
Smartphone Experts operates ShopAndroid, ShopCrackBerry, iMoreStore, WPCentralStore, Crackberry Canada and BlueShop Canada.
The payment information stored on the impacted computer is encrypted. However, the hackers may have been able to use a decryption feature of the system to access names, addresses, credit and debit card numbers, CVVs and card expiration dates.
Customers who have made purchases via PayPal Express Checkout are not affected by the breach.
Also, the company clarifies that CVVs were purged post-authorization. However, the hackers might have obtained the information from orders in the pre-authorization stage.
“Out of an abundance of caution, we are notifying you of the incident so that you can take steps to protect your card from any attempted misuse. We recommend that you remain vigilant to the possibility of unauthorized charges on your credit card by reviewing your account statements,” the letter sent to impacted individuals reads.
Customers have not been offered free credit monitoring services.
As DataBreaches highlights, this shouldn’t really be considered an “out of an abundance of caution” case, and customers should be offered free monitoring services. The hackers had access to the company’s systems for over a year and they could have easily gained access to all sorts of sensitive data.
In fact, some of Smartphone Experts’ customers have already reported falling victim to card fraud that might be connected to this incident.