November 10th, 2015
What's the issue?
Walmart Canada has announced that customers who've used Walmart PhotoCentre online services from June 2014 to July 2015 may have had their credit card information compromised. Initially reported at 60,000, now news reports are placing the number of Canadians potentially affected at 750,000.
How did it happen?
Walmart Canada shut down their PhotoCentre online services in July 2015 after learning of a possible data breach to their website and launched an investigation. The Walmart PhotoCentre photo-processing service was operated by a third party company called PNI Digital Media, which is owned by Staples Inc. Their investigation showed that malware was placed on to some of PNI Digital Media's servers by an unauthorized party. Some of the affected servers were host to the Walmart Canada PhotoCentre site. According to cybersecurity expert, Alex Heid from SecurityScorecard, it is believed that cybercriminals used the photo uploading service to upload the malware to the servers. "The malware is designed to collect credit card and other personal information customers provide when placing an order, including name, email and account password. The malware is not designed to capture images or photos uploaded by customers or to capture a customer's PIN (personal identification number)," Walmart reports.
What should I do?
If you are customer who used Walmart PhotoCentre services, be sure to check your banking statements for any irregular transactions, and to change your passwords. A spokesperson from Staples said in a statement, "we take the protection of information very seriously. PNI [Digital Media] is investigating a potential credit card data security issue. If an issue is discovered, it is important to note that consumers are not responsible for any fraudulent activity on their credit cards that is reported on a timely basis."
For more information
If you have any questions or concerns, do not hesitate to call the support centre at 1-855-667-2642 or email firstname.lastname@example.org.