https://www.infosecurity-magazine.com/news/bobs-red-mill-reports-data-breach/
Exploit: Malware
Bob’s Red Mill Natural Foods: Grocery Brand
Risk to Business: 2.761 = Moderate
Bob’s Red Mill Natural Foods has announced that it has experienced a data breach after data scraping malware was found to be operating on its website. The company said on April 15 that the malware was in operation between February 23 and March 1, 2022. The company’s initial investigation did not uncover any exfiltration, but after a customer complaint that has changed.
Risk to Business: 2.814 = Moderate
Customer information impacted includes online customers’ payment card information, billing and shipping addresses, email addresses, phone numbers and purchase amounts. The company said that no information had been found to indicate that any Social Security numbers, dates of birth, driver’s license numbers or other government-issued ID numbers had been exposed in the attack.
Individual Impact:
No information about consumer/employee PII, PHI or financial data exposure was available at press time.
How It Could Affect Your Customers’ Business: Customers aren’t going to respond well to companies that can’t keep their payment card data safe.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.