“To date, our extensive review has not uncovered any direct evidence that information was stolen, and we have taken steps to stop the unauthorized access,” reads a letter [PDF] sent out today by Dow Jones CEO William Lewis. “We devote substantial resources to cybersecurity and we want to assure you that we are taking additional steps to further fortify our systems.”
Lewis says that the Dow Jones attack appears to part of a broad campaign by hackers to “obtain contact information such as names, addresses, email addresses and phone numbers of current and former subscribers in order to send fraudulent solicitations.”
While contact info was the target of the breach, Lewis admits that information on up to 3,500 payment card accounts may have been compromised, “although we have discovered no direct evidence that information was stolen.”
Those customers are receiving a second piece of correspondence with more details on what the company is doing.