‘Made in Oregon’ Discloses Massive Security Breach Exposing Customer Credit Cards

  • Online gift shop ‘Made in Oregon’ was infected with card skimmers since September 2020.
  • The platform is now sending out notices of the breach, informing customers of a credit card data leak.
  • Clients who bought anything from the shop are advised to take the offer for one year of Experian protection services.

‘Made in Oregon,’ the Portland-based online gift retailer that operates on the “madeinoregon.com” domain, has disclosed a massive security breach that involves highly sensitive data of its customers. More specifically, "magecart" actors have planted a data skimmer on its website and siphoned everything that customers entered on the order forms between the first week of September 2020 and the last week of March 2021. That’s a lot of time, and it should correspond to a voluminous set of stolen data.

As per the details provided in the notice of the data breach that was shared with the relevant data protection authorities in the U.S., clients of ‘Made in Oregon’ should consider the following exposed:

  • Full name
  • Billing address
  • Shipping address
  • Email address
  • Credit Card information used for purchases

The company is currently working with third-party consultants and computer forensics experts to conduct a thorough review of what exactly happened. In the meantime, the website no longer accepts personal information from visitors and clients, and this will remain the case until the company is confident that the website is clean.

And to complement the response to this incident, the recipient of the notices is also provided with a 1-year membership to the Experian IdentityWorks service, which should keep them safe from identity theft attempts over the upcoming period. Unique activation codes for this have been included in each notice, so each customer is advised to look into their inbox.

If you have bought anything from ‘Made in Oregon’ between September 2020 and March 2021, consider your details compromised. This means treating all incoming communications with caution, monitoring your bank account statements, and reporting anything weird to the authorities or your card issuer.

Next time you would like to buy something online, either use an electronic payment method or an anonymous pseudo-credit card that is not linked to your bank account but can instead be topped up. In this case, it took ‘Made in Oregon’ quite a while to discover the security breach and do something about it, so the actors had plenty of time to exploit the stolen data.

Latest
How to Watch Stars on Mars Online from Anywhere
The red planet is beckoning, and an ensemble of stars is going where no man has gone before. In the new unscripted...
How to Watch Cruel Summer Season 2 Online from Anywhere
While fans of the original series may not see Kate and Jeanette from the previous season, Cruel Summer Season 2 still promises...
How to Watch The Age of Influence Online: Stream the Docuseries from Anywhere
The Age of Influence is a new documentary series examining the dark side of influencer culture, and you’ll be able to stream it...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari