[BreachExchange] Beggars Group Hacked, Warns Customers of Data Breach

Wed Jul 20 19:38:38 EDT 2016

http://www.billboard.com/articles/news/7445746/beggars-group-hacked-warns-customers-of-data-breach

Leading independent record label conglomerate Beggars Group had its online
stores hacked in May, with costumers' confidential information potentially
compromised.

Matador Direct -- which distributes for 4AD, Matador, Rough Trade, Young
Turks, True Panther, XL Recordings and Beggars Arkive in the United States
-- sent a letter last week explaining that customers who ordered through
its labels' websites from April 28, 2015, to May 4, 2016, may have been
victims of a data breach. As Pitchfork reported, personal, credit card and
password information was among the information possibly obtained by
hackers.

In response, the company has changed customers' passwords and has addressed
the breach on its websites and claims to be working to strengthen its
online security. A Beggars spokesperson would not say how many customers
have been affected by the breach.

In the letter, signed by Matador president and co-owner Patrick Amory, the
company explained the situation to customers: "On May 4, 2016, we were
advised by our third-party website developer that it had identified and
removed suspicious files from the e-commerce websites of the record labels
for which Matador Direct is the distributor. We quickly began an
investigation and hired a third-party cybersecurity firm to assist us.
Findings from the investigation show that if a customer attempted to or did
place an order on one of the affected websites from April 28, 2016 to May
4, 2016, information associated with the order being placed, including the
customer's name, address, phone number, email address, payment card number,
expiration date and security code (CVV), and account password for the
website on which the customer placed an order, may have been obtained by an
unauthorized third-party."

Beggars Group labels work with artists including Vampire Weekend, the xx,
Grimes,Savages, Kurt Vile, Queens of the Stone Age and more.

Neither Adele nor Radiohead album orders were affected, though they work
with Beggars, as Adele is signed to Columbia in the United States and
Radiohead was not distributed by Beggars within the affected time frame.

A Beggars spokesperson told Billboard in a statement, "Matador Direct
identified and addressed a data security incident that potentially affected
orders placed or attempted to be placed from April 28, 2015 to May 4, 2016
on the e-commerce sites operated by Matador Direct.  Customers who have
questions may contact our dedicated call center at  (877) 218-0056, Monday
through Friday, from 9 a.m. to 7 p.m. EST and provide reference number
7631070716 when calling."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160720/54053677/attachment.html>