Online guitar tutoring website, TrueFire, has revealed it identified a data breach on the January 10, 2020 which potentially revealed the personal information of millions of its customers.
The breach lasted for six months between August 2019 and January 2020, during which personal data that customers provide when buying products on the site was open to hackers.
The company has more than one million users, with customers able to pay for 40,000 video tutorial lessons from a library of more than 900 courses.
TrueFire’s chief customer officer, Ren Wright, sent a letter to all of the company’s customers explaining the situation.
The letter read: “On January 10, 2020, TrueFire discovered that an unauthorised person gained access to our computer system and, more specifically, to information that consumers had entered through the website.
The company has stated that, although payment card information is not stored on its systems, customers who paid for online tutorials between August 3, 2019 and January 14, 2020 may have left their data vulnerable, and suggested those customers block their cards immediately and monitor any suspicious activity on their accounts.
Wright continued: “We cannot state with certainty that your data was specifically accessed, however you should know that the information that was potentially subject to unauthorised access includes your name, address, payment card account number, card expiration date and security code.”
- 531 Carphone Warehouse Stores to Close With 2,900 Redundancies
- Tech Nation Reveals £200m in VC Investment in Scotland
- UK Intelligence Agency Warns of Criminals Exploiting Coronavirus
The company has said that, as soon as the breach was identified, it quickly acted to close it off and is “working with a computer forensic specialist to determine the full nature and scope of the intrusion”.
The breach once again highlights the lack of security measures on online sites that store personal data after a series of major data breaches in 2020 alone and calls into question whether organisations are doing enough to protect their customers online.
Companies such as Virgin Media and the The Financial Conduct Authority (FCA) had to apologise this year for major data breaches, and it was revealed that 76,000 companies in Britain, and 360,000 worldwide, are open to security threats on their systems.