The data breach that we reported on a day ago and affected Patz and Hall winery seems to be more widespread due to the origin of it at a third party vendor called Missing Link Networks. At this point, it appears numerous Northern California wineries had their customers protected financial information accessed form a point of sale breach.
The CEO of Missing Link Networks has issued a statement, which sounds similar to those responses generally seen after a data breach.
Hackers “gained access to customer names, credit/debit card numbers, the related billing addresses, and any dates of birth in our system during the window of April 1st through 30th this year,” but “did not have access to any driver license numbers, Social Security numbers, CVV verification numbers, or PIN numbers (data which we would typically not collect anyway).”
The playbook response to a data breach seems to be to acknowledge the data was subject to unauthorized access, but then claim that the data is not useful – no matter what data it was. In this case, Missing Link Networks seems to be trying to reassure its customers that the loss of names, credit card numbers, billing addresses and dates of birth is somehow not alarming. But this is exactly the type of data that identity thieves seek to use unlawfully.
If you have received notice of a data breach related to this, or any of the numerous other recent breaches, a good place to begin gathering information on how to protect yourself is the FTC. There you can gain valuable information on the proper steps you may take to avoid financial difficulty in the future.