Avery label maker confirms attack on its site, customer credit card info stolen

• Avery discovers a credit card skimmer installed on its website
• Tens of thousands of people have had their sensitive data taken
• It is now offering free credit monitoring services to affected individuals

Hackers have been discovered stealing payment and personally identifiable information (PII) from customers of printing giant Avery for over half a year, experts have claimed.

Tens of thousands of people may have been affected by the incident affecting Avery Products Corporation, a major manufacturer of printable labels, name tags, dividers, and other customizable office supplies.

In a data breach notification letter sent to affected customers, Avery said it became aware of a “ransomware attack” on December 9 2024.

Files abused in the wild

“Our investigation determined that an unauthorized actor inserted malicious software that was used to “scrape” credit card information used on our website between July 18, 2024, and December 9, 2024,” the letter ...