Label maker Avery says ransomware investigation also found credit-card scraper therecord.media/avery-pro…

The world’s largest supplier of labels said a ransomware attack in December prompted an investigation that led to the discovery of a data breach impacting the information of about 67,000 customers.

In breach notification letters, Avery Products said a ransomware attack was discovered on December 9 and prompted an in-depth investigation led by forensic experts.

They found that “an unauthorized actor inserted malicious software that was used to ‘scrape’ credit card information used on our website” between July 18, 2024, and January 5, 2025, the company said in letters provided to regulators in Maine.

Avery Products said names, billing and shipping addresses, phone numbers as well as payment card information including CVV numbers and expiration dates were stolen.