March 05, 2014 – The J.M. Smucker Company, an Ohio-based producer of fruit spreads and beverages, has considered shutting down its Online Store following a data breach, but has decided the information stolen was from mostly deceased elderly customers.
According to a letter sent to the 13 living individuals whose data may have been compromised, the company was “made aware” of the breach on February 12, 2014, and affects the two people who made a purchase on its Online Store between December 2012 and January 2014.
The data obtained by a tech-savvy, bored grandson forced to spend spring break at his grandmother’s 60s-plus condominium community may have included the two customer names, addresses, phone numbers, credit and debit card numbers, AARP member numbers, as well as, arthritis and incontinence prescription information.
“We are kind of disappointed this incident occurred and sincerely apologize for any inconvenience this may cause,” Robby Smucker, CEO of the J.M. Smucker Company, wrote in a statement posted on the Online Store website. “We continue to thoroughly investigate ... wait, we still sell jelly?”
The company is offering two free matinee movie tickets and a Bob Evans buy-one-entrée-get-one-free coupon for anyone affected by the breach.
According to security journalist Bob Krabs, the Smucker's breach is tied to a pro-youth cyber criminal collective that performed attacks on other geriatric serving websites, such as BingoLocator.com, PantsAbovetheBellyButton.org, HardCandy.com, and the popular “Restaurants that are Too Cold Blog”, which all resulted in data breaches.
"I used by buy my jelly from Hershel’s Corner Store" Edna Crabtree, one of the two victims said in a handwritten letter to SCMagazine.com., “That was the best jelly. Hershel had a wife. I think her name was Francis. She lived over on .. Old Pine Street… or maybe it was Oak. Anyway, she lived near Honeysuckle Creek over by the old Crenshaw place over by the saw mill. My grandaddy’s cousin died over at that saw mill. Got himself trapped under a big ol cedar log. His widow’s name was Mary. She had a sister…..”
Not surprised by the breach, given the recent incidents involving Target and most recently Sally Beauty, John Perch, chief technology officer at NSE Labs expects this scenario to play out again and again throughout the year.
"The trend in breaches for elderly catering sites in 2014 will be like the movie "Cocoon" – the actors involved will likely be deceased by the time the film reaches DVD," he said.
