Cyber Incident Victim: Breyer Horses
Date: Mar 2013
Location: United States of America
Summary
Malware compromised the Breyer Horses website server for over 18 months, potentially exposing customer names, addresses, account credentials, and payment card details including numbers, expiration dates, and security codes. The breach, discovered after unauthorized access, led the parent company Reeves International to implement corrective measures such as updating website code and notifying affected individuals, though the total number of victims remains undisclosed.
Description
Malware compromised the Breyer Horses website, operated by Reeves International, for approximately 18 months between March 31, 2013, and October 6, 2014. On September 9, 2014, Reeves International discovered that unauthorized actors had installed malicious software on the server hosting the e-commerce platform. The malware potentially exposed customer payment card data, including account numbers, expiration dates, and security codes, alongside personal identifiers such as names, physical addresses, website usernames, and passwords. The breach timeline indicated continuous access from the initial compromise date in March 2013 until its eradication in October 2014. Reeves International did not publicly disclose the number of affected individuals despite external inquiries, leaving the incident's full scope undefined. The prolonged exposure period raised concerns about the volume of transactions processed during the 18-month window and the potential misuse of stolen financial data.

Following the discovery, Reeves International implemented corrective measures, including updating the website’s underlying code to eliminate the malware and secure the platform. The company initiated notifications to all impacted customers, advising them of the potential compromise of their sensitive information. No additional technical specifics regarding the malware’s functionality, intrusion vector, or data exfiltration methods were disclosed publicly. The incident underscored vulnerabilities in the website’s security posture, particularly the extended duration between initial compromise and detection. Reeves International’s response focused on containment through infrastructure remediation and regulatory compliance via breach notifications, as documented in an Individual Notice Letter submitted to the California Attorney General’s office on October 23, 2014. The breach highlighted risks associated with persistent malware infections on e-commerce systems handling payment card transactions.
