Candy Maker Russell Stover Chocolates Announces Data Breach

American candy supplier Russell Stover Chocolates announced Friday, Aug 30, its retail stores had suffered from a data breach that has potentially affected their customer’s payment cards information.

According to a report from Fox Business, the candy maker giant has identified that an unauthorised party had possibly gained access to its point-of-sale (POS) systems through malware at the company’s retail stores between February 9 to August 7.

In a press release, the company revealed that upon discovery of the data breach, they were quick to launch an investigation with cybersecurity experts aiming to “eradicate and contain the malware.” The company had also notified the appropriate authorities, as well as payment card companies, to help resolve the security issue.

“Upon learning of the incident, we took steps to contain and remediate the incident, including removing the malware from our systems. We are working to further strengthen our security measures, including through enhanced employee training and improved technical measures. We have also notified the appropriate law enforcement and regulatory authorities and are working closely with the payment card companies regarding this matter,” Russell Stover said in a statement.

Candy Maker Russell Stover Chocolates Announces Data Breach

The American candy supplier, however, clarified that there is no evidence that any customer’s payment card information has been inappropriately used at this time. The statement also confirmed there is no available indication that the hack had affected online purchases made on Russell Stover’s website as well.

Russell Stover’s security incident is the latest addition to the chain of security breaches made this year. As reported by Risk Based Security, 2019 is currently on track to being the “worst year on record” for breach activity, listing over 4.1 billion of compromised records.

As of June, a total of three breaches recorded in 2019 have already made it to the list of the top ten largest breaches of all time. This includes the security incidents involving First American Financial Corp., Facebook, and Capital One.

To date, Russell Stover Chocolates are urging their customers to review their bank accounts and payment card statements. The candy maker had also recommended users to immediately notify their payment card companies in case of any suspicious card activity.

“We sincerely regret that this incident occurred and any concern it may cause. If you have questions or need additional information, you may call 855-896-4449 available from 6 a.m. to 8 p.m. (Pacific) Monday through Friday and 8 a.m. to 5 p.m. (Pacific) on Saturday and Sunday (exclusive of holidays). When calling in, please use the reference number DB14273,” the company wrote.