Card payment details compromised in attack on shopping cart software.
Hackers have hit the publisher of security reporter Brian Krebs, less than a month before his debut book Spam Nation is due to launch.
Sourcebooks told the Californian Attorney General’s office that customer payment data and contact information was exposed to hackers during an attack on shopping cart software that it runs on its website.
"Fortunately, this breach does not affect readers who have pre-ordered Spam Nation through the retailers I’ve been recommending — Amazon, Barnes & Noble, and Politics & Prose," Krebs said.
"I mention this breach mainly to get out in front of it, and because of the irony and timing of this unfortunate incident."
Hackers gained access to the shopping cart software between April 16 and June 19 of this year, compromising credit card numbers, expiration dates, cardholder names and card verification values (CVVs).
Contact information such as first name, surname, phone number and address are also feared to have been taken in some cases, as well as account passwords.
"To our knowledge, the data accessed did not include any Track Data, PIN Number, [or] Printed Card Verification Data (CVD)," Sourcebooks said in a letter to its customers.
"We are currently in the process of having a third-party forensic audit done to determine the extent of this breach."
Krebs has been a cybersecurity reporter since 1999 when he began writing about the subject for the Washington Post, and is now the foremost journalist in the field, having broken news on many of the largest cybercrimes in the last few years.
But his success has attracted the ire of hackers, who have stolen his identity many times and once attempted to have him arrested by sending heroin to his home.