SelectBlinds, a U.S. windows blinds and shades seller, had information from over 200,000 customers exfiltrated following a malware attack against its website since early January, reports The Record, a news site by cybersecurity firm Recorded Future.
Such malware compromise, which was only identified in late September, has impacted login information, names, phone numbers, emails, shipping and billing addresses, and payment card details with CVV codes and expiration dates belonging to individuals who had visited the SelectBlinds website's check-out page, said the company in breach notifications filed with California and Maine regulators. Aside from locking affected accounts, individuals impacted by the incident have also been urged by the company to immediately replace login credentials for other sites using the same passwords. SelectBlinds' attack disclosure comes after a Recorded Future report detailing the sale of 15 million stolen card records on carding shops across the dark web.