The credit card reader provider has admitted to suffering a cyberattack that potentially exposed more than 10,000 US residents to data theft.
The company says an intruder gained access to its computer systems between May 31st and June 1st. This potentially allowed the threat actor to steal names, financial account and credit or debit card numbers, security and access codes, and account passwords or PINs from people using BankCard’s payment processing services.
BankCard says it discovered the breach almost immediately it occurred but took until July 14th to determine precisely what personal data, which also included Social Security numbers, was exposed. It then notified the Attorney General’s Office in Maine as well as affected customers living there, with BankCard providing written notice to the latter on August 16th.
The state of Maine imposes unusually strict reporting requirements on data breaches affecting its residents — in this case just 32 of the total 10,312 victims, the rest of whom Cybernews understands to be located across the US.
As well as launching an internal investigation into the breach using third-party cybersecurity contractors, BankCard reported the incident to police and says it has since “implemented additional layers of security in our identification and verification processes.”
It adds that it is reviewing its data privacy and security policies and has offered all victims two years’ free credit monitoring and identity theft restoration services.
“BankCard takes the confidentiality, privacy, and security of information in our care very seriously,” it said in the letter of notification to Maine residents. “We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors.”
A merchant services provider with global reach, BankCard USA claims to support card payments for large and small businesses in more than 190 countries around the world.
More from Cybernews:
Subscribe to our newsletter