JM Bullion announces a breach of their network, and as a result of this breach, stole some customer credit card information. As you may know, JM Bullion is one of the largest precious metal retailers on the web.
The JM Bullion breach was in February of last year (2020), although the company only grew aware of the problem on July 6th, with a notice of suspicious activity on their website. By July 17th, they had identified a malicious script injection into their site, which, according to the company’s disclosure notification, “had the ability to capture customer information entered into the website in limited scenarios while making a purchase.”
The notification stresses that the limited scenarios represented a small fraction of the total transactions processed by JM Bullion during the period. Still, JM Bullion has so far declined to give any information regarding the exact scope of the breach and scale of the incident.
By now, all JM Bullion impacted customers will have received an official notification of the breach by mail from the company, which includes the next steps. If you haven’t received a notice, then the odds are excellent there was no compromising of your card information and there’s nothing for you to do.
Either way, it pays to be mindful of the event and to keep a sharp eye on your credit card and your purchases with the JM Bullion site, just in case your information was in the breach.
The offending script has been cleaned, and at present, there are no issues with the site. Still, this serves as yet another reminder that no matter where you go on the web, you are not safe no matter what you do. Stay vigilant.