Accuform Signs Data Breach (2015)

Dear [CUSTOMER/CARDHOLDER NAME]: We are contacting you regarding a data security incident that has occurred at Accuform Signs. Essentially, our systems have been illegally hacked into by outside intruders. Beginning at least as early as June 30, 2015, we believe Accuform Signs order information was improperly accessed from our website and/or the website of [DISTRIBUTOR NAME] (with whom we are working closely in order to provide you this joint notification with important information to better protect you). This order information may have included your name, address, email, phone and credit card information. As a result, this information may have been potentially exposed to others. Please be assured that we are taking appropriate steps necessary to address the incident, and that we are committed to protecting the information that you have entrusted to us. We have retained the services of an experienced cyber security and forensic investigative firm to fully investigate the incident, and we have reported the matter to federal law enforcement authorities, including the Electronic Crimes Task Force of the United States Secret Service. Because the breach occurred very recently, the investigations are still ongoing. However, we do know that one or more parties operating through foreign countries illegally accessed our computer network and exfiltrated copies of orders, a portion of which contained purchaser's names, credit card numbers and other related information. We have no information to indicate that any card has yet incurred any unauthorized charges. To better protect you and your information, we have taken immediate steps to further secure all data, including instituting changes in the ways purchase information is processed. Since discovering the breach, Accuform Signs has taken immediate action to identify and block access points, increase tracking and monitoring of activity, further restrict and remove sensitive data, increase anti-virus protection of servers, implement an advanced 2-factor password security system, and require secondary authorization to view credit cards. For nearly 40 years, all of us at Accuform Signs have been dedicated to manufacturing products that inform, protect, and motivate. We are committed to addressing this incident with the same dedication. We are offended by this cyber-attack on your business and our own and regret any inconvenience this incident may have caused you.