The account information for customers at Dead River Company, may have been compromised by malware on internal company computers, the company said in a statement Tuesday.
Anyone who made payment or credit application transactions by phone or email between March 6 and 8 may have been affected, the company said. The transactions affected were only those entered by a customer service representative through a web browser, according to the statement.
The company plans to notify customers who may have been affected by mail. The company estimates less than 1 percent of customers will be contacted, according to Lisa Morrissette, Dead River Company’s brand and marketing manager.
The company is offering customers one year of a credit monitoring service as well as information on identity theft and fraud.
Social Security numbers and dates of birth are not stored on Dead River Company servers.
It’s not clear if the company was the victim of a cyberattack. The company has commissioned outside cyber-forensic experts to investigate.