SourceBooks Confirms Card Breach

Intruders Compromised Shopping Cart Software
SourceBooks Confirms Card Breach

Publisher SourceBooks is warning its customers about a breach that resulted in unauthorized access to credit card information. A third-party forensic audit is under way to determine the extent of the breach.

See Also: How to Scale Your Vendor Risk Management Program

SourceBooks says that the breach involved the compromise of shopping cart software that supports several of the publisher's websites, according to its breach notification letter. The window of compromise was from April 16 to June 19.

During that time, unauthorized parties were able to gain access to customer credit card information, including card number, expiration date, cardholder name and card verification value. In addition, the cyber-attackers also were able to view billing information, such as name, phone number and address. In some cases, account passwords were obtained as well, SourceBooks says.

Following the incident, the publisher says it has taken several steps, including implementing new security measures in accordance with the Payment Card Industry Data Security Standard and reviewing its internal processes so that it's better able to identify any potential issues as quickly as possible.

"I know this breach may have had a very real impact on you, causing frustration and concern," says Dominique Raccah, CEO and owner of SourceBooks. "We share those feelings. You trusted us with your information, and you deserve better."

SourceBooks did not immediately respond to a request for additional information.


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network