LaCie warned its customers on Monday of a credit card breach that lasted almost a year. The company said that unauthorized persons gained access to customer transactions that took place between March 27th, 2013 and March 10th, 2014, and that it was taking its ecommerce service offline while, "we transition to a provider that specializes in secure payment processing services."
TMO Artist's Rendition of Break-in
The company did not explain why it wasn't already using "a provider that specializes in secure payment processing services," but that's just nit-picking.
"We began notifying affected customers on April 11, 2014," the company said in an "incident notification." "If you used your card on LaCie’s website between March 27, 2013 and March 10, 2014 and did not receive a letter, you should review the additional information below on ways to protect yourself."
LaCie, which is currently owned by Seagate, didn't specify that credit card numbers were compromised, but it warned customers to watch for fraudulent activity.
KrebsOnSecurity reported that the break-in exploited a vulnerability in Adobe's ColdFusion, and that it may have been part of a wide-spread series of attacks on other online databases.
Image made with help from Shutterstock.