Totally Promotional, Celina, Ohio, an online distributor of promotional products, has alerted an undisclosed number of customers that cyberattackers gained access to customer information, including payment data and other information.
SC Magazine reported that the attack was stopped at the access point the attackers used, and malware left behind was removed. Totally Promotional reported that the breach most likely occurred between June 23 and July 10.
According to the article, Totally Promotional hired security experts to look into the matter, and the company submitted to internal and external security checks. The company also took steps to strengthen security.
The company became aware of the issue on July 6, when Totally Promotional received calls from customers who used cards for purchases and later saw unauthorized charges on their cards.
A letter Craig A. Hoffman, the distributor's lawyer, sent to New Hampshire Attorney General Joseph Foster states that Totally Promotional started notifying customers via email on Aug. 13, and by mail on Aug. 14.
"Totally Promotional provided those customers with additional information on steps that can be taken to protect their information," Hoffman said in the letter. "Totally Promotional is providing a telephone number and email address that potentially affected customers can contact with questions."
The distributor notified customers via a document called "Steps You Can Take to Further Protect Your Information," that includes contact information to file a complaint with the Federal Trade Commission, obtain a credit report and place fraud alert on a credit report. The company also recommended that potentially affected customers keep a close eye on their account statements for unauthorized purchases.
Totally Promotional could not be immediately reached for comment.
For more information on Totally Promotional, visit www.totallypromotional.com.