Cyber Incident Victim: Dennis East International

Dennis East International (DEI) experienced two distinct security breaches in 2014 involving its website, which was hosted by third-party provider Omeganet of Georgia (also known as CAMEO EZ). The first incident occurred between June 1 and June 13, affecting an unspecified number of DEI's retail customers who placed orders through the website during that period. Omeganet alerted DEI that these customers might have received phishing emails attempting to collect their credit card information. The second breach occurred between May 28 and June 13, when Omeganet's systems were compromised by hackers. This intrusion exposed more extensive customer data from DEI's e-commerce platform, including user IDs, credit card names, credit card numbers with expiration dates, customer names, email addresses, billing and shipping addresses, and telephone numbers. Both breaches occurred within overlapping timeframes, with the second incident encompassing a slightly longer period than the first.

DEI notified affected customers following Omeganet's disclosures about both security events. The company advised impacted individuals to contact their credit card issuers and maintain vigilance regarding their financial accounts, but did not provide credit monitoring services. DEI submitted copies of its breach notifications to the New Hampshire Attorney General's Office, confirming regulatory compliance efforts. The breaches exclusively compromised data from customers who transacted business through DEI's website during the specified date ranges, with no indication that physical retail operations or other systems were affected. Omeganet's involvement as the hosting provider meant DEI relied entirely on their third-party notifications for breach discovery and forensic details. The incidents exposed both phishing risks and direct system intrusion consequences, with the second breach resulting in comprehensive theft of personally identifiable information and payment card data.