Summary: Avery Products, the world’s largest label supplier, revealed that a ransomware attack in December led to the discovery of a data breach affecting approximately 67,000 customers. The investigation found that malware inserted into their payment processing application allowed hackers to scrape sensitive information, including credit card details. Despite initially believing that the stolen information hadn’t been used, the company later acknowledged the possibility of fraudulent charges and phishing emails related to the breach.
Affected: Avery Products
Keypoints :
- Ransomware attack discovered on December 9 prompted an investigation.
- Malware was used to scrape credit card information from July 18, 2024, to January 5, 2025.
- Stolen data included names, billing and shipping addresses, phone numbers, and payment card information.
- Two customers reported fraudulent charges and phishing emails linked to the breach.
- No immediate evidence connecting the ransomware attack with the data scraping incident was established.
Source: https://therecord.media/avery-products-ransomware-data-breach-notification