LaCie Admits Customer Data Was Breached For A Year

You may be familiar with LaCie, a French company that makes computer hard drives. They’re now owned by Seagate, and maintain their own online storefront, which was one of many hit by hackers in a recent credit card data breach. This time, the baddies exploited vulnerabilities in the Web application platform ColdFusion. This breach has been ongoing for almost an entire year.

LaCie claims that they’ve contacted affected customers that they’ve been able to identify, but that anyone who has used a payment card on their site between March 27, 2013 and March 10, 2014. They believe that customers’ names and addresses and possibly usernames and passwords were also affected by the breach, and reset all passwords on the site as a precaution.

Shadowy but usually reliable sources told the site Krebs on Security that the people behind these smaller breaches might be the very same outfit that stole as many as 150 million customer records from Adobe in 2013, and information from major data brokers like LexisNexis and Dun & Bradstreet earlier that same year.

Hardware Giant LaCie Acknowledges Year-Long Credit Card Breach [Krebs on Security]
LaCie Incident Notification [LaCie]