Received the following email from SKS this morning...
"To our Valued Customers:
SKS Bottle and Packaging became aware of unauthorized access to customer payment data for transactions performed at our company’s e-Commerce web site. At this time, we believe the compromise is limited to any purchase made from September of 2013 to July of 2014 at www.sks-bottle.com. Further, we have determined at this time that the information involved in this incident included customer names, billing addresses, payment card information, payment card expiration dates, and CVV codes.
We deeply regret any impact that this security breach may have caused our customers. In an effort to minimize the impact and address the problem, we engaged a leading incident response and forensics firm to undertake the investigation immediately when we became aware of the suspected breach. We are partnering with the forensics firm to conduct a thorough investigation of the incident and to examine additional security controls and measures we can take that would be designed to help prevent incidents of this nature in the future.
Along with engaging the outside incident response firm, we also contacted law enforcement and Visa, working closely with the appropriate agencies to ensure that any of our customers impacted by this incident were quickly identified and contacted. We have put the full resources of our company behind these efforts.
SKS Bottle and Packaging takes the protection of our customer’s data and payment card information seriously. We can always do better and are taking the necessary steps to make improvements to our security program. We have engaged an IT security company to continuously monitor our e-Commerce web sites for future attack attempts and to scan those web sites regularly for security issues and malicious software. While we will continue to do in house monitoring of our security program for its effectiveness and make necessary improvements, this third party company will do so as well. We will be employing all reasonably available measures and security controls needed to improve the security posture of our company so that our customers can take full advantage of the convenience of online order processing to fulfill your company’s custom bottling and packaging needs.
We recommend that you closely review the information provided in this letter for some steps that you may take to protect your company against the potential misuse of your company’s credit card information. You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your company’s corporate bank account statements. If you discover any suspicious or unusual activity on your statements or suspect fraud, you should report it immediately to your financial institutions.
You may also wish to contact the Federal Trade Commission or law enforcement to report incidents of identity theft. A contact number for that office is 877-IDTHEFT (438-4338).
Thank you for your time and attention.
Very truly yours,
Steve Horan
CIO"
"To our Valued Customers:
SKS Bottle and Packaging became aware of unauthorized access to customer payment data for transactions performed at our company’s e-Commerce web site. At this time, we believe the compromise is limited to any purchase made from September of 2013 to July of 2014 at www.sks-bottle.com. Further, we have determined at this time that the information involved in this incident included customer names, billing addresses, payment card information, payment card expiration dates, and CVV codes.
We deeply regret any impact that this security breach may have caused our customers. In an effort to minimize the impact and address the problem, we engaged a leading incident response and forensics firm to undertake the investigation immediately when we became aware of the suspected breach. We are partnering with the forensics firm to conduct a thorough investigation of the incident and to examine additional security controls and measures we can take that would be designed to help prevent incidents of this nature in the future.
Along with engaging the outside incident response firm, we also contacted law enforcement and Visa, working closely with the appropriate agencies to ensure that any of our customers impacted by this incident were quickly identified and contacted. We have put the full resources of our company behind these efforts.
SKS Bottle and Packaging takes the protection of our customer’s data and payment card information seriously. We can always do better and are taking the necessary steps to make improvements to our security program. We have engaged an IT security company to continuously monitor our e-Commerce web sites for future attack attempts and to scan those web sites regularly for security issues and malicious software. While we will continue to do in house monitoring of our security program for its effectiveness and make necessary improvements, this third party company will do so as well. We will be employing all reasonably available measures and security controls needed to improve the security posture of our company so that our customers can take full advantage of the convenience of online order processing to fulfill your company’s custom bottling and packaging needs.
We recommend that you closely review the information provided in this letter for some steps that you may take to protect your company against the potential misuse of your company’s credit card information. You should remain vigilant for incidents of fraud and identity theft by regularly reviewing your company’s corporate bank account statements. If you discover any suspicious or unusual activity on your statements or suspect fraud, you should report it immediately to your financial institutions.
You may also wish to contact the Federal Trade Commission or law enforcement to report incidents of identity theft. A contact number for that office is 877-IDTHEFT (438-4338).
Thank you for your time and attention.
Very truly yours,
Steve Horan
CIO"