
Cyber Incident Victim: Graeter's Ice Cream

Date: Jan 2018

Location: United States of America

Summary

A cybersecurity breach at Graeter's Ice Cream exposed payment information of approximately 12,000 customers through unauthorized code injected into the company's website checkout page. The compromise affected individuals who made online purchases during a specific period, with stolen data potentially including credit card details. The incident did not impact transactions processed through physical retail locations, which operated on separate systems. Affected customers received direct notifications about the potential exposure of their financial information.

Description

In early 2019, Cincinnati-based Graeter’s Ice Cream notified approximately 12,000 customers that their credit card information may have been compromised due to a breach of the company’s website. The breach occurred in 2018 when unauthorized code was injected into the checkout page of Graeter’s online purchasing system. This malicious code potentially intercepted payment card data entered by customers during transactions made through the website over the course of the year. The compromise was limited to online purchases, as Graeter’s clarified that brick-and-mortar retail stores operated on separate, unaffected systems. The company initiated customer notifications in January 2019 after identifying the breach, though the exact timeline of the compromise and its discovery remained unspecified in public disclosures.

The incident exposed payment card details used for online orders placed during 2018, posing financial fraud risks to affected individuals. Graeter’s response focused on direct notification to all 12,000 potentially impacted customers, though no specific remediation offerings or forensic findings were detailed in available reports. The breach did not extend to in-store transactions or other operational systems, limiting its scope to web-based purchases. No additional attacker motives, methods of code insertion, or data exfiltration channels were confirmed in the disclosed information. The company’s public communication emphasized the separation between online and physical retail systems while acknowledging the compromise’s potential consequences for customer payment security.
