Kiplinger Washington Editors Inc., the publisher of Kiplinger’s Personal Finance, warned customers that hackers breached its computer network on June 25 and stole account data, including credit card numbers. Doug Harbrecht, the company’s director of new media, said the attackers stole user names, passwords and encrypted credit card numbers from as many as 142,000 subscribers to the magazine or the company’s various newsletters, including the Kiplinger Letter.
Harbrecht said the two-week delay in notifying customers resulted from efforts to understand the extent of the break-in by “an unidentified third party,” as the Kiplinger website described the intruders. He said the company notified the Federal Bureau of Investigation and is working with the agency on a probe of the incident.
“Part of the problem is we still don’t know exactly what the hackers got,” Harbrecht said in a phone interview. “We had to find out as much information as possible before we could respond.”
Harbrecht said Kiplinger believes the risk of identity theft is small because the account information didn’t include e- mail addresses. While the credit-card numbers were encrypted, Harbrecht said that encryption in rare cases can be broken. Kiplinger is advising customers to call their banks and replace the card numbers, he said.
“We think the risk level is minimal,” Harbrecht said. “We just want people to know we got hacked.”
