SelectBlinds Breach Exposes 200,000+ Customer Records
Over 200,000 buyers of blinds and window decor have been impacted by a data breach—hackers have stolen their credit card details and personal information using malware embedded on a major online retailer’s website.
According to documents filed by SelectBlinds in California and Maine, company employees identified the malware on September 28, though it had been active on the site since at least January 7. The attackers embedded malware on the checkout page, enabling them to collect user data during site login.
The investigation revealed that the breach affected usernames, passwords, names, email addresses, phone numbers, and both shipping and billing addresses. Additionally, hackers gained access to payment card numbers, expiration dates, and CVV codes, affecting a total of 206,238 customers.
To prevent further incidents, the company has locked all accounts and strongly advised customers to change their passwords. The skimmer has been fully removed from the site, with particular emphasis on alerting users who reuse passwords across platforms. These customers have been urged to immediately update their credentials to prevent future breaches.
Skimmer-based attacks have long been favored by cybercriminals to steal data from payment pages on websites. Hackers often inject malicious JavaScript code on vulnerable sites, intercepting bank card data and personal information entered by users during purchases. The stolen data is then sold on the dark web for use in fraudulent schemes.
SelectBlinds, an online retailer of blinds and other window accessories, is headquartered in Chandler, Arizona, and is a subsidiary of Dutch manufacturer Hunter Douglas, which specializes in window coverings. The company employs over 140 people and generates annual revenue of around $200 million.
Notably, in October, Jscrambler experts uncovered a new digital skimming campaign utilizing Unicode characters, many of which are invisible, to conceal malicious code known as the Mongolian Skimmer. This skimmer’s primary goal is to steal sensitive information entered on checkout pages of online stores, including financial data.
Furthermore, in August, it was reported that a recent cyberattack on numerous online stores using the Magento platform involved a skimmer that stole customers’ payment card information, including card number, expiration date, and CVV/CVC code. Malwarebytes specialists provided a detailed analysis of how the hackers managed to capture this information.
