According to a letter that IEEE sent to the New Hampshire Attorney General, the IEEE became aware of an intrusion into its database, exposing names, credit card numbers, expiration dates, and card security numbers of 828 members who hold IEEE credit cards.
IEEE said that a forensic evaluation of its networks conducted between mid-December 2010 and February 10, 2011, found that a file containing the credit card information had been deleted from the network on Nov. 17, 2010. The evaluation also discovered vulnerabilities that the professional association “immediately corrected” to avoid future network incursions.
“Although we have no proof that any of this credit card information was removed from IEEE’s database or copied, or that anyone to date has used any of this credit card information to make fraudulent charges, we are, out of an abundance of caution, notifying all 828 cardholders of this unauthorized access”, the letter said.
The professional organization said it would offer those affected by the data breach with a complimentary one-year subscription to LifeLock.