Cyber Incident Victim: Missing Link Networks
Date:
Apr 2015
Location:
United States of America
Summary
A credit card processor and point-of-sale vendor serving Northern California wineries disclosed a network breach exposing customer payment card data during a month-long intrusion. The compromise affected consumer names, credit/debit card numbers, billing addresses, and dates of birth, though driver’s licenses, Social Security numbers, CVV codes, and PINs were not accessed as they were not stored. The company identified and secured the intrusion vector while initiating notifications to winery clients and affected consumers, collaborating with law enforcement and card associations. To prevent recurrence, the organization began transitioning its eCellar Systems platform to tokenization technology to eliminate card number storage. This incident followed recent breaches involving other POS vendors, highlighting persistent security challenges in payment processing environments.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In April 2015, Missing Link Networks Inc., a California-based credit card processor and point-of-sale vendor specializing in services for wineries, suffered a breach of its eCellar Systems consumer-direct sales platform. An unidentified intruder accessed the platform between April 1 and April 30, 2015, compromising customer names, credit/debit card numbers, billing addresses, and dates of birth. The attacker did not obtain driver's license numbers, Social Security numbers, CVV verification codes, or PINs, as the company stated it typically did not collect such data. Missing Link's CEO Paul Thienes confirmed the breach on June 10, 2015, after the company began notifying its winery clients on May 27. The compromised data involved transactions processed exclusively during the one-month window, with affected wineries subsequently alerting their customers. Multiple notifications were anticipated for consumers who had transactions with several impacted wineries. The company identified and secured the intrusion method but did not disclose technical specifics about how the breach occurred or how it was detected.
Missing Link Networks engaged law enforcement and credit card associations in its investigation while initiating measures to prevent recurrence. The company announced plans to implement tokenization—replacing stored card numbers with unique identifiers—to eliminate future storage of actual payment card data on its platform. This approach aligned with industry trends highlighted in a January 2015 Gartner report predicting widespread tokenization adoption among U.S. merchants. The breach exposed vulnerabilities in the eCellar platform's data handling practices, particularly the storage of cardholder information vulnerable to exfiltration prior to tokenization. As a POS technology provider serving Northern California wineries, Missing Link joined other compromised vendors like NEXTEP, HarborTouch, and Signature Systems in experiencing security failures during this period. The incident underscored broader retail security challenges, including the limitations of tokenization against POS malware and the trade-offs between encryption implementation costs versus long-term security benefits, as merchants awaited EMV chip card technology adoption to reduce counterfeit fraud risks.