"Bob's Red Mill Reports Data Breach"
Bob's Red Mill Natural Foods, a popular American brand of whole-grain foods, issued a data breach notice on April 15 after learning that it had fallen victim to a data scraping cyberattack that began two months ago. The company stated that they recently learned that, between February 23 and March 1, 2022, malicious software was used to "scrape" purchase-related information entered into their website. The company said that data entered into its website is usually sent directly to the company's payment processor via secure protocols. However, unidentified cyberattackers used malicious software to divert the information. The company noted that they do not believe any of its physical/in-person count-of-sale terminals have been impacted or that purchases made outside the February 23 - March 1 window have been impacted. Data that may have been exposed in the attack includes online customers' payment card information, billing and shipping addresses, email addresses, phone numbers, and purchase amounts. The company said that no information had been found to indicate that any Social Security numbers, dates of birth, driver's license numbers, or other government-issued ID numbers had been exposed in the attack.