Midwest Supplies to send breach notification letters to online customers following hack (Update 2)
It seems that homebrewing supplier Midwest Supplies, LLC of Minnesota had a security breach on June 13 that they discovered on July 19. Letters should be going out within a few days to those affected.
In a letter dated August 31 that has been submitted to the California Attorney General’s Office, David Kidd, President of Midwest Supplies, writes that “Despite our best efforts, the security of our website was breached by an outside party. Your credit card information might have been improperly viewed including your name, address, email address, telephone number, credit card number, expiration date and security code.”
As soon as the firm discovered the breach, they acted quickly to control it and to prevent a recurrence, Kidd writes.
Affected customers are not being offered any free credit monitoring services, it seems. Instead, with their sincere apologies, the firm has offered a $25 coupon on future purchases.
Update: The notification to the New Hampshire Attorney General’s Office adds some details, including that the window of potential compromise may have begun in February. The firm notified 29 residents whose transactions occurred in June – July, and another 93 whose transactions occurred between February and June.
Update 2: 116 Maryland residents made transactions during the June-July window, and another 341 may have had data exposed earlier. Because the firm could not conclusively determine the latter, those customers were notified, too.