Online Retailer NoMoreRack.com Investigates Possible Customer Card Breach

By

Reuters, citing the cybersecurity blog KrebsOnSecurity.com, is reporting the Online retailer NoMoreRack is "going through its second forensic audit in seven months to investigate a potential breach of customer card data."

The company has been notified by Discover about the potential breach.

NoMoreRack has been working with Trustwave, an information security compliance company, but said there has yet been "clear cut evidence" of a successful data breach.

"So as of last week, we engaged with Trustwave again to undergo another audit. We have been hearing complaints from banks, but apart from that, and we've done our analysis and due diligence, and there is nothing seriously we can find that may have resulted in customer cards being compromised," said Vishal Agarwal, NoMoreRack's Director of Business Development, in a statement.

The company was first alerted the company last August that its system reached "a likely point" of compromise.

"Between November 1, 2013 and January 15, 2014, the company had determined there were more incidents of fraud tied to cards that were all used at the company's online store," according to news reports.

"So, as of last week, we engaged with Trustwave again to undergo another audit," Agarwal said.

"We have been hearing the complaints from banks, but apart from that, and we've done our analysis and due diligence, and there is nothing seriously we can find that may have resulted in customer cards being compromised," Agarwal added.

NoMoreRack also worked with "Trustwave to ensure that its systems are compliant with the Payment Card Industry (PCI) standards," according to the Krebs blog.

"A set of requirements designed to ensure that all companies that process, store or transmit credit card data maintain a secure environment."

Visa Inc and MasterCard Inc also announced that they were had launched a cross-industry group, "in which they were seeking to improve security for card transactions "and press U.S. retailers and banks to meet a 2015 deadline to adopt technology that would make it safer to pay with plastic," according to the blog.

"There were a few minor bugs reported, but not conclusive evidence of anything that caused a leak in our systems," Agarwal also said.

NoMoreRack engaged with Trustwave "to ensure that its systems are compliant with the Payment Card Industry (PCI) standards, a set of requirements designed to ensure that all companies that process, store or transmit credit card data maintain a secure environment," Brian Krebs wrote on his cybersecurity blog.

NoMorerack was founded in October 2010, and in 2012, the company reportedly had online sales of more than $100 million. Sales reportedly reached $340 million by the end of 2013. Its ratings, however, took a dive, largely due to consumer complaints.

NoMoreRack could not be immediately reached for comment.

In late December 2013, the Target Corporation was sued by at least 11 customers over a recent credit card security breach, which saw the details of more than 40 million cards stolen. Some were class-action lawsuits. Some sought millions of dollars worth in in damages.

Target "suffered up to a 4 percent drop in transactions over the weekend compared to this time last year, while transactions at other retailers were strong," as reported by CBS News.

Tags
Cybersecurity
Join the Discussion
More News
Stefanie Damron

Stefanie Damron Missing: Police Intensify Search For Maine Teen 2 Months After Vanishing Near Woods

Alexandrea G. Ring

Pregnant Indiana Mother 'Threw' Her Baby Daughter After She Cried, Police Say

A Teen Girl Has Just Become the Youngest Person to Pass the California Bar Exam. The Previous Record Holder Was Her Brother

Florida Mom Accused of Drowning Daughter in Bathtub, Then Chasing

Florida Mom Accused of Drowning Daughter in Bathtub, Then Chasing Witnesses Around Apartment with a Hammer

Real Time Analytics