Texas liquor chain waited a year and a half to say anything about customer data breach
Credential-stealing malware; Network intrusion; User accounts compromised
Banking information on over half a million customers might have been compromised at Spec's alcohol stores statewide.
The company disclosed the hacking on March 28, 2014.
The breach is believed to have started on Oct. 31, 2012 and continued through as late as March 20, 2014.
“Hints the computer system had been compromised began to surface early last year” but federal authorities asked Spec’s not to divulge details until last week, the Houston Chronicle reports.
Customer Rick Dardenne said he learned of the infiltration after receiving a new Amegy Bank card in the mail. He called the bank and “asked if the switch was because he had shopped at Target. The customer service rep told him that there had also been a breach at Spec's,” the Chronicle reports.
"I don't like being kept in the dark," Dardenne told the Chronicle. "Target at least communicated with the customers sooner."
Company officials said that after receiving alerts from a major lending institution and a firm that processes many of its payments, Spec's brought in private investigators and the Secret Service.
A company spokeswoman said Spec's "has not taken any personnel action, nor based on what we know from the Secret Service do we see any reason to."
The data exposed might include customers' bank routing numbers, card security codes and other payment card and check information.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
Food and Beverage
March 28, 2014
Link to report
fewer than 550,000 customers and employees
location of breach
Texas, United States
location of perpetrators
date breach occurred
Between Oct. 31, 2012 and as late as March 20, 2014
date breach detected