Missing Link Networks Inc., a credit card processor and point-of-sale vendor that serves a number of wineries in Northern California and elsewhere, disclosed today that a breach of its networks exposed card data for transactions it processed in the month of April 2015.
Earlier this week, I heard from a source at one of Sonoma, Calif.’s fancier wineries that their card processor had been breached. On Tuesday, I reached out to Calistoga, Calif. based Missing Link. Today, the company responded that it had begun notifying its customers about the incident, and that it was working with law enforcement and the card associations on an investigation.
“Beginning on May 27, 2015, we began notifying our winery customers that eCellar Systems, our consumer-direct sales platform, had been breached during the month of April, 2015 by an unknown intruder,” the company’s founder and CEO, Paul Thienes, said in a written statement. “To that end, each of our winery clients will be sending out notice of this event to their customers and it is likely that individual consumers may receive a similar notice from multiple wineries.”
“The intruder gained access to customer names, credit/debit card numbers, the related billing addresses, and any dates of birth in our system during the window of April 1st through 30th this year,” Thienes wrote. “The intruder did not have access to any driver license numbers, Social Security numbers, CVV verification numbers, or PIN numbers (data which we would typically not collect anyway). We have identified and secured the method that was used to breach our platform. Additionally, to prevent a future reoccurrence, we are in the process of converting to a ‘token’ system so that credit card numbers will no longer be stored by the eCellar platform.” Continue reading →