WA: Months after they learned of Vendini breach, Edmonds Center for the Arts first notifying customers
In an email sent to more than 13,000 customers Monday, the Edmonds Center for the Arts warned that hackers earlier this spring had broken into the computer databases of Vendini, Inc, the ECA’s online ticket sales agent — raising the possibility that individual credit card information might have been compromised.
ECA Executive Director Joe McIalwain said that the ECA delayed notifying patrons to avoid interfering with an investigation by federal authorities into the incident, and that he is confident that Vendini has addressed the issues related to the security breach.
“We found out about this in late May,” McIalwain said. “At that point the federal investigation was still ongoing, and Vendini advised us to hold off informing our customers for the time being. Things have now progressed to where we can share this information, and we responded with this morning’s email to our customers and patrons.”
Read more on My Edmonds News.
Since other customers were notified in June and Vendini even notified New Hampshire on June 21 that it was concerned that not all clients had notified customers, this delayed notification by ECA seems questionable. I would like to know when ECA actually asked Vendini whether it was okay to notify or when Vendini last contacted them with the “all-clear” to notify. ECA did not respond to an email inquiry sent to them about the delay in notification.