Japanese game developer Nippon Ichi Software has revealed that its US branch, NIS America, has suffered a major data breach compromising the personal and financial data of online customers. As an apology, the company is also offering codes for a $ 5 discount on customers’ next purchase through their online stores as a “little token” for those affected.

In an email sent to affected customers last week, the company said the breach took place between January 23 and February 26 at its online stores, including store.nisamerica.com and snkonlinestore.com.

Hackers were able to gain access to customers’ payment card details and address information for any new orders placed and paid for by credit card during this time. However, customers who placed orders using PayPal were not affected by the violation.

“On the morning of February 26, we became aware of a malicious process that had joined our payment page,” NIS America said in the email. “This process was used as of January 23, 2018 to go through personal information provided by our customers during checkout after placing an order in our store. Subsequently, the malicious process returned the customer to the NIS America store page to complete. their operation.

“Transactions made in this manner have always been successfully completed on the NIS America store pages. However, payment information recorded by the malicious process could be used for fraudulent charges in the future.”

The company noted that it does not store payment card information for customers who have user accounts on any of its stores.

“User accounts are primarily used to track past orders and earn reward points. Data from past orders is stored securely and will only display the last four digits of a credit card, and will only display the last four digits of a credit card. will not display the CVV security code or expiration date, “it is noted.

NIS America said its store pages were immediately taken offline to prevent further breaches and analyzed all of its processes to determine “the exact point of entry as well as to determine when this change occurred at our stores in Canada. line”.

“We have taken steps to resolve the issue that caused this breach, as well as several other steps to improve the security of our site,” the company said. “At this time, we can say that we have identified the issue, removed it from our website, and taken steps to prevent this issue from reoccurring, along with additional new security for our online stores.”

He did not say how many customers were affected by the breach or provide further details on how the attack was carried out.

Customers were asked to change their user account passwords, monitor their bank or credit card statements for any suspicious activity, and beware of questionable emails, texts, phone calls, or questionable websites that ask. personal information.

“Our customers are our top priority, and it is our responsibility to provide a safe and secure environment for you to shop with confidence,” the company said. “We know that this issue and the steps needed to resolve it can be frustrating. We share these sentiments and are committed to doing our best to resolve this issue and prevent it from happening again.

“We would not reopen our online stores if we did not have the assurance that they are a safe place to shop. We are committed to regaining your trust and hope to have the opportunity to serve you again soon. “, he added. the company said, adding that codes for a $ 5 discount on online purchases will be sent to those affected soon.

“We understand this is a small token, but we hope it shows our commitment and appreciation to our customers as we begin to earn your trust back.”

IBTimes United Kingdom contacted NIS America for further comment.