Winery credit card processor breach MERGED

Received this email today from a winery in California that I am on the allocation list:

“We are writing to inform you that our third-party ecommerce provider, Missing Link Networks, Inc. (MLN), was the subject of a recent data security incident. MLN notified us of this incident on May 27, 2015. You are receiving this letter because your credit card number on file may have been among the data compromised. It appears that list member names, credit card numbers, related payment addresses and dates of birth may have been compromised during the window of April 1, 2015 – April 30, 2015. Since MLN is widely used in the wine industry, you may be hearing from other wineries whose data was compromised in the same incident.”

Check those card statements.

Can you let us know the winery?

Kosta Browne

Yep, KB was mine too.

Same topic here

I got this today too. I haven’t bought anything from them in 3 years, so I was pretty surprised.

You’d be surprised how many small businesses are run on antiquated, non-PCI compliant software - which will hold your CC info indefinitely…

Moden systems are supposed to hand all CC info to the processor and use a token for future purchases, but it’s not cheap to make the switch.

I am guessing that’s exactly what happened in this case and that’s pretty upsetting. Any card I used 3 years ago would be out of date (since the numbers and expiration dates have changed), but I am always worried more about identity theft than fraudulent charges.

I’m not sure what could be done with name and address information with an expired CC. The larger issue is older systems that have your SSN and birth date - the doctor, dentists, schools, etc. That is where the real risk of identity theft is.

Just got the email notification from Patz & Hall )-:

Got the same from Scott Paul Winery

KB offered a year of fraud protection via Experian, got info and signed up as a just in case.

Add Turley to the list. Classy move by Kosta Browne to offer the Experian subscription.

The best part of this is my CC was already replaced within the last couple weeks for another breach so the number they got is no longer valid. Now I just need to move and change my birthdate.

Seriously though, I have had my card replaced at least 3 times in the last year. It is getting old.

No problem found here yet bu man when I think of how many wineries and wine retailers have my credit card info on file it makes me shudder.

=====

Turley Wine Cellars regrets to inform you that we have learned of a possible security incident with our consumer direct sales systems provider, Missing Link Networks, Inc. (Calistoga, CA). Missing Link informed us that they experienced a breach by an unknown intruder that may have involved access to customer names, credit/debit card numbers, related payment addresses and dates of birth.

We sincerely apologize for the concerns that arise from the compromise of personal information. Missing Link has assured us that the breach has been contained and Missing Link has taken aggressive steps to prevent this type of event from occurring in the future.

Here are some of the key details:

The breach apparently occurred between 4/1/15 and 4/30/15 by an unknown intruder, and the intrusion was discovered by Missing Link on 5/13/15. We were first informed of this by Missing Link on 5/27/15. Information that may have been obtained includes: credit/debit card numbers, customer names, billing address and birth dates
Missing Link states that the breach has been contained and any future transactions will be secure
Any stolen data did not include the CVV code, making fraudulent transactions more difficult
Your bank has been notified, government authorities have been informed and are active in the investigation
You are not liable for any fraudulent charges if you give prompt notice to your credit card issuing bank upon seeing such charges on your statement
We encourage you to monitor your credit and debit card accounts and to notify your bank immediately if you notice anything suspicious. Contact information for the three major credit bureaus is below
Equifax
P.O. Box 105069
Atlanta, Georgia 30348-5069
www.equifax.com
1.800.525.6285

Experian
P.O. Box 2020
Allen, TX 75013
www.experian.com
1.888.397.3742

TransUnion
P.O. Box 2000
Chester, PA 19022-2000
www.transunion.com
1.800.680.7289

If you need assistance with fraud reporting, we are working with the Identity Theft Resource Center (ITRC) to provide fraud and identity theft counselors to you 24 hours a day / 7 days per week. If you experience any fraudulent activity on your credit card statements, you may contact the ITRC at http://www.idtheftcenter.org, e-mail at itrc@idtheftcenter.org or phone (888) 400-5530.

Additional recommendations for protecting your information and any public updates regarding this investigation can be found at Missing Link’s website here.

Thank you for your patience and understanding. The mailing list team is here to answer any questions that you may have at mailinglist@turleywinecellars.com or 805-434-1030.

Sincerely,

Rich Richardson
CEO/General Manager
Turley Wine Cellars

Seems like an everyday occurrence these days. Luckily that cc was just renewed with a chip and new ccv. Hopefully that’ll help.

There other threads on this.

Yep, got this today.
Turley Wine Cellars regrets to inform you that we have learned of a possible security incident with our consumer direct sales systems provider, Missing Link Networks, Inc. (Calistoga, CA). Missing Link informed us that they experienced a breach by an unknown intruder that may have involved access to customer names, credit/debit card numbers, related payment addresses and dates of birth.

I’m not sure how as I just got this notice today.

Because it’s MLN (not Turley) that was hacked, multiple wineries were affected, and notices have been going out to customer lists all week Winery credit card processor breach MERGED - WINE TALK - WineBerserkers