A data breach in the American arm of Nippon Ichi Software has comprised customer information, according to an email the company sent out to users earlier this week.
The breach occurred between January 23 and February 26 on online stores owned and operated by NIS America.
Customer information, including address and payment details, was taken directly from orders placed using a credit card. Order placed using PayPal during this period were unaffected.
Hello everyone, you may have received an email regarding a data breach of the NISA Online Store. This is a valid and legitimate email. Please stand by as we work on resolving the issue. Thank you for your patience and understanding!— NISAmerica (@NISAmerica) March 1, 2018
According to the email, which was posted on the Resetera forums, customers using the storefront would be redirected to a third party page during the transaction process which would then skim their data before returning them to the NISA page to complete their transaction.
"We know that this issue and the steps needed to resolve it can be frustrating," NISA told affected customers. "We share these feelings, and we pledge to do our best to get this issue resolved, and prevent it from happening again.
"At this time, we can say that we have identified the issue, removed it from our website, and taken steps to prevent this issue from recurring, as well as added new security to our online stores. We would not be reopening our online stores if we did not feel confident that they are a safe place to shop.
"We are committed to earning back your trust and confidence, and we hope to have the opportunity to serve you again soon."