Titan Manufacturing and Distributing’s computer system had malware sitting on it for almost a year that was able to steal customer payment card data.
Memphis, TN-based Titan sent a letter out to its customers saying attackers were able to compromise its system and malware ended up installed that remained active at least between November 23, 2017 and October 25, 2018.
“Our records show that you have purchased goods from one of our online stores using a payment card during this time,” the letter said. “The malware was programmed to access your shopping cart including your name, billing address, telephone number, payment card number, expiration date and verification code. We do not store this information.”
The company said it is working with a third-party to investigate the incident and that it would use the knowledge acquired during the review of the incident to further strengthen its data security measures.
Titan did not provide information on the number of affected customers. However, a letter by Titan’s external counsel Butler & Snow to the Washington State Attorney General, said at least 1,838 Washington residents were affected.
Titan said they will provide one year of complimentary identity theft protection for to all customers who used a payment card online from November 23, 2017 until October 25, 2018.