Some Boston Globe and Worcester Telegram & Gazette distributors got more than their loads of Sunday papers last weekend.
The newspapers accidentally sent out slips of paper with credit card data printed on routing slips to retailers and carriers, Reuters reports.
The routing slips were attached to some 9,000 bundles of Telegram & Gazette newspapers, but because the Globe and Gazette share a database Globe customer data was also compromised, according to the two papers, which are owned by The New York Times.
“Immediate steps have been taken internally at the Globe and Telegram & Gazette to increase security around credit reporting,” said Richard Gilman, publisher of the Boston Globe.
Up to 240,000 people may have had their credit card information exposed.
The data was sent out because Telegram & Gazette, which circulates both papers, printed routing slips on recycled paper that had already been used to print internal reports and other sensitive data.
“We’ve put a stop to that,” said Boston Globe Spokesman Al Larkin of the practice.
The papers have set up a phone number, (888) 665-2644, where subscribers can check whether or not their information was sent out.
The organizations attempted to track down the routing slips, but they believe most have already been discarded.
For CIO sister-publication, CSO’s coverage of recent data breaches and other related incidents, check out the Security Feed page.
For CSO’s coverage of the high profile ChoicePoint breach reported last year, read The Five Most Shocking Things About the ChoicePoint Debacle and listen to our podcast Reaction to the Gigantic ChoicePoint Penalties for analysis of the recent fine the company received.
For general information on how to prepare for and prevent and data breach, read When the Dike Breaks: Responding to the Inevitable Data Breach.