Cyber Incident Victim: ValuePetSupplies.com
Date: Nov 2014
Location: United States of America
Summary
ValuePetSupplies.com experienced a server breach where attackers installed malicious files to harvest customer payment card details and personal information, including names, addresses, contact data, account passwords, and financial credentials. The intrusion compromised several thousand customers during an extended period before detection. The company removed the malicious code, implemented enhanced security measures, and notified all affected individuals, though it acknowledged no confirmed misuse of the stolen data at the time of disclosure.
Description
Between November 25, 2014, and December 29, 2014, unauthorized individuals gained access to servers belonging to ValuePetSupplies.com, a Tennessee-based online pet supplies retailer. The attackers installed malicious files designed to intercept and capture sensitive customer information submitted through the company’s website. This breach compromised personal and financial data belonging to several thousand customers, including names, physical addresses, email addresses, telephone numbers, account passwords, credit or debit card numbers, card verification value (CVV) codes, and card expiration dates. The attackers specifically targeted payment card information during the five-week intrusion period. ValuePetSupplies.com discovered the breach and initiated an investigation, though the exact method of initial detection was not publicly disclosed in available sources. The malicious files operated undetected for over a month, systematically harvesting data from transactions and account activities during the peak holiday shopping period.

ValuePetSupplies.com responded by removing all identified malicious files from its systems and implementing additional security measures to prevent future breaches. Company president Zachary Piech directly notified affected customers via mailed letters dated January 14, 2015, advising them to monitor financial accounts despite stating there was no confirmed evidence of data misuse. The notification acknowledged the compromise of highly sensitive CVV codes alongside standard payment card details, a combination that significantly increases potential fraud risks. Internal correspondence confirmed remediation efforts focused on securing web servers and transaction processing systems against similar attacks. While the breach timeframe was precisely defined, the company did not disclose technical specifics regarding the server vulnerabilities exploited, malware characteristics, or whether third-party forensic investigators were involved. Customer notifications emphasized protective measures individuals could undertake independently but did not offer complimentary credit monitoring services. The incident exposed comprehensive financial and personal data sufficient to facilitate identity theft and fraudulent transactions across multiple affected accounts.
