Do you own gold?

If so, and if you purchased it online, then odds are good that you bought it from JM Bullion, which is one of the largest precious metal retailers on the web.

If so, be aware that the company recently announced that their network was breached, and as a result, some customer credit card information was stolen.

Breach existed for five months before being discovered

It turns out that this issue dates back to February of this year (2020) although the company only became aware of the problem on July 6th, when they were alerted to suspicious activity on their website. By July 17th, they had identified a malicious script that had been injected into their site, which, according to the company's disclosure notification "had the ability to capture customer information entered into the website in limited scenarios while making a purchase."

The notification goes on to stress that the limited scenarios represented a small fraction of the total transactions processed by JM Bullion during the period, but the company has so far declined to give any information regarding the exact scope and scale of the incident.

For more info click BREACH

What next for impacted customers

By now, all impacted customers will have received an official notification by mail from the company, which includes the next steps. If you haven't gotten such a notification, then odds are excellent that your payment card information wasn't compromised and there's nothing for you to do.

Either way, it pays to be mindful of the event and keep a sharp eye on the payment card you used to make your purchases on JM Bullion's site, just in case.

Our perspective

Needless to say, the offending script has been removed, and at present, there are no known issues with the site. Still, this serves as yet another reminder that no matter where you go on the web and no matter what you do, you are not safe. Stay vigilant.

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there!" ~


By Denis Wilson and Melissa Stockwell

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT Support

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can find me on LinkedIn, Facebook, and Twitter.

I am also a published author and speaker in cloud computing and cybersecurity, working extensively with business and professional associations to provide small business technology education programs. Contact me if you would like me to speak at your association