Cyber Incident Victim: Numrich Gun Parts Corporation

The Numrich Gun Parts Corporation experienced a cybersecurity breach involving its e-commerce website, gunpartscorp.com, which was discovered on March 28, 2022. An investigation revealed that malicious card skimming code had been deployed on the site, enabling unauthorized actors to harvest payment information submitted by customers during online transactions. The skimming operation was active between January 23, 2022, and April 5, 2022, during which attackers collected sensitive data including credit card numbers, expiration dates, CVV codes, customer names, phone numbers, and addresses. This information provided sufficient details for threat actors to conduct fraudulent purchases using compromised payment cards. The company identified 45,169 affected individuals and issued breach notifications through the Office of the Maine Attorney General. No details regarding the initial intrusion vector or specific malware characteristics were disclosed in available reports.

The breach exposed customers to financial fraud risks through unauthorized card usage, compounded by the sensitive nature of firearms-related purchases. While the primary impact involved payment card compromise, the incident carried additional privacy concerns due to the potential identification of gun owners through transaction records, creating secondary risks of targeted criminal activity against individuals possessing firearms. Numrich Gun Parts Corporation did not publicly disclose remediation measures taken beyond removing the skimming code, nor were specifics provided regarding coordination with law enforcement or forensic investigators. The incident occurred alongside a similar breach at Rainier Arms, another firearms retailer, though no evidence suggested operational connections between the two compromises. Both breaches highlighted vulnerabilities in e-commerce platforms serving specialized markets where transactional data carries heightened sensitivity beyond conventional financial exposure.