14 DAY TRIAL // Cybercriminals managed to infiltrate malware on the web server hosting Flinn Scientific’s online store and exfiltrated customer payment information since May 2, this year.
Located in Batavia, IL, Flinn Scientific is a prominent provider of science education supplies for students and teachers alike, as well as safety equipment for conducting science experiments in class.
The unauthorized access to the computer system storing payment information was discovered on September 8, when the company proceeded to remove the malicious software and started monitoring the machine to make sure that customer data is safe from illegal access.
There is no information on the method used by the attacker to plant the malware, but an investigation determined that the details exposed included payment card number, card verification code, expiration date, name, address, and email address.
Flinn Scientific started delivering letters to customers that made one or more purchases through the website during the four-month duration of the breach, assuring that additional security measures have been installed to close the door on the vulnerability that allowed compromising the web server.
All customers receiving a breach notification from the company are offered one-year of identity protection service from a reputable entity, at no cost for them.