Very little is known about which specific customers had their information impacted. According to its website, it ships more than 30,000 orders per month. It has been reported that JM Bullion posted sales of more than $3 billion over an eight-year period.
What is a payment-skimmer attack?
The company website claims it uses 256-bit SSL encryption, certified by DigiCert/Norton. They also assure that “We never have access to your credit/debit card information, as it is processed securely by CyberSource, the parent company of Authorize.net, following the most stringent PCI-compliant standards.”
Despite the firm’s security, the attacker breached its encryption and other protections to scan in private information.