Industry News

BevMo leaks credit card data (including CVVs) of 15,000 customers

American alcohol retailer BevMo has suffered a breach that leaked credit card data, including security codes, belonging to 15,000 customers.

A privately-held corporation based in Concord, California, BevMo sells mostly alcoholic beverages. The company was founded in January 1994 as Beverages & More and was re-branded as BevMo in January 2001. As of 2013, the company operates 148 stores.

California attorney general’s office received a notice from BevMo this week that someone planted malware on its checkout page, the Associated Press reports. The code was designed to steal customers’ names, credit and debit card numbers, expiration dates, CVV codes (the three-digit security code used to confirm transactions), billing addresses, shipping addresses and phone numbers.

NCR Corporation, the service provider that operates BevMo’s website, removed the malware soon after it learned of the breach. However, the personal and financial information of some 15,000 customers is reportedly already in the wrong hands. NCR is now collaborating with a third-party forensic firm to assist in further investigation. BevMo, for its part, has been in contact with law enforcement and credit card companies, and is conducting its own investigation into the breach.

According to Tamara Pattison, BevMo’s Chief Marketing and Information Officer, if you’ve placed an order with BevMo between August 2 and September 26 you might be one of the 15,000 customers whose data was stolen by hackers. In such a case, you can contact a company official at (877) 565-6276.


About the author


Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.