Kiplinger Reveals Breach Of 142,000 Customer Accounts

Kiplinger Washington Editors, publisher of the popular Kiplinger newsletters, has revealed a security breach that might have exposed the personal information of some 142,000 of its subscribers.

"On June 25, 2011, we discovered a hacker attack on our database that resulted in an unidentified third party gaining unauthorized access to our customer information," the publisher said in a online statement.

"We took immediate steps to stop the attack and prevent further breaches, and we have notified our affected customers and law enforcement," Kiplinger said. "We are continuing to monitor the situation closely and will post updated information as it becomes available."

The database that was attacked included customer contact information, email addresses, and passwords, the publisher said. In some cases, encrypted credit card numbers were also accessed.

"The credit card information was stored in an encrypted format to prevent unauthorized access or misuse," Kiplinger said. "Nevertheless, there is a possibility that a persistent attacker may be able to crack the encryption and get access to your card number and expiration date." The company recommends that all of the affected subscribers request new cards.

The company did not say exactly how the database was breached. A spokesman told reporters that the company still is not sure how much data the attackers took away.

Have a comment on this story? Please click "Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.