Topps has announced a security breach that may have impacted customers who used the company’s website from November 19-January 9, 2019.
Topps filed a data breach notification late last week. They’re telling customers they became aware of possible unauthorized access on December 26 and launched an investigation with help from an external security firm.
On January 10, they confirmed hackers may have had access to or acquired payment card and other information from customers who placed orders on Topps.com during that 51-day period. It’s believed those who paid with Paypal were not affected by the breach.
“While we cannot confirm whether your personal information was accessed or acquired, the investigation confirmed that this was possible during the relevant time period,” Topps stated in its notification.
“ It is possible that this incident compromised names, mailing addresses, telephone numbers, e-mail addresses, and payment information (including credit/ debit number, card expiration date, and security code) for customers who completed a purchase through the Topps website between November 19, 2018 and January 9, 2019.”
Topps is telling customers to review card statements to look for any suspicious or unauthorized activity. They’re also suggesting customers who made a purchase using a payment card to contact credit reporting agencies to place a fraud alert on their credit files.
Topps was hit with a similar attack in late 2016.
Topps says it has been working with a security firm “to implement measures to strengthen the security of our systems and help prevent a similar incident from happening again.” They say they have “upgraded the Topps.com website platform.”