LaCie is the latest major retailer and tech company finding itself to be the target of a major security breach by unknown assailants.
The French hardware company confirmed in a statement on Tuesday that malware successfully made its way through to access sensitive customer information stemming from transactions on its website.
Here’s where things get really bad: Virtually everyone who shopped on LaCie’s website in the last year is at risk.
LaCie, which is set to merge with American hard drive maker Seagate, said it was informed about the breach on March 19, 2014 by the FBI.
But the hardware company speculated that all transactions between March 27, 2013 and March 10, 2014 were possibly affected.
Brian Krebs, the former Washington Post reporter who first broke the Target security breach story last winter, reiterated on his security blog on Tuesday that he previously published evidence about the LaCie attack last month.
Krebs said that had the digital storefront had “been compromised by a group of hackers that broke into dozens of online stores using security vulnerabilities in Adobe’s ColdFusion software.”