Data Thieves

Hackers Uncork Customer Data From Gary Vaynerchuk’s Wine Library

gary vaynerchuk Hackers Uncork Customer Data From Gary Vaynerchuks Wine Library

Glass half empty kinda day

Some bad news for New York’s best big mouth, it appears that Wine Library, Gary Vaynerchuk’s online store, has been hacked. The site sent an email out to customers yesterday, as first reported by Alexia Tsotsis, which gave them a rundown on the timeline of the attacks.

When we began hearing from a few customers about possible fraudulent credit card charges in the middle of October, we launched an investigation.  At that time, we did not know a data breach had occurred.  However, as the number of these concerns increased in early November, we removed all credit card data from our site on November 11th since it became clearer that, although we couldn’t find a breach, something was going on.  Last week we confirmed that an IP address from China was used to hack our website and potentially compromised customer credit card information.  As far as we can tell, this did not affect any in store transactions.

The company makes it clear that this is the first time in its 15 years on the web that it has experienced something like this, and that it is taking big steps to ensure it never happens again. In fact, according to the email, the company will no longer store any customer credit card data. “All credit card data will be tokenized through a third party, meaning that even if someone takes the data they can’t do anything with it.”

Wine Library is also ramping up the launch of a new site which will have top flight security baked into the back end. It’s a rough episode for Gary V and his family business, but the company seems to be responding aggressively. In the comments on TechCrunch a man named Jasen Bartlett suggests there may be legal liabilities from this attack. “Wow, there is no way they were PCI compliant storing data on their site… And not knowing about a break until they had complaints. The requirements are stringent for PCI compliance.. That could lead to a 75K fine per instance of improperly stored credit card data. Not good.”

But most of the comments were supportive of Mr. Vaynerchuk, blaming the hackers and sympathizing with the plight of his company.

Follow Ben Popper via RSS.