Another organization bungles away your personal and financial data.
A key subsidiary of the California Association of Realtors suffered a data breach of about two months that might have exposed sensitive credit card information.
“We recently learned that malicious code (‘malware’) uploaded by an unauthorized third party was present in payment processing software used for store.car.org,” the Los Angeles-based Real Estate Business Services said in a July 3 letter.
“This malware may have copied and transmitted to an unknown third party personal information that briefly went through our servers during the store.car.org payment processing step of purchases of REBS (Real Estate Business Services) products and services between March 13, 2017 and May 15, 2017,” the letter said.
“The malware was removed from our systems, and we now use an entirely different payment system through PayPal.”
REBS — which provides real estate education, products and forms — reported the breach in a letter to the California Attorney General’s Office.
The letter further said, “The data accessed included personal information entered in connection with a purchase of products from our online storefront.
The data may have included the user’s name, address, credit card number, credit card expiration date and, in some instances, credit card verification code (CVC code).
Great, just great.
Source: The San Diego Union-Tribune