TrueFire Data Breach Exposed Payment Card Account Numbers, Other Personal Information

cyber-criminal-gray-hoodieNOTICE: If you made a TrueFire purchase through the website truefire.com between August 3, 2019 and January 14, 2020, contact the Arnold Law Firm at (916) 777-7777.

On March 10, 2020, leading online guitar instruction provider TrueFire (truefire.com) informed its customers of a data breach spanning nearly six months, involving names, addresses, payment card account numbers, card expiration data, and security codes. Although the company claims to not store payment information, unencrypted consumer details may have been captured in real time as users bought classes and courses online.

TrueFire’s computer system was accessed by an unauthorized person between August 3, 2019 and January 14, 2020. Although the breach was detected on January 10, 2020, the company failed to notify customers for two months and did not offer an explanation for the delay. The company advises its customers to review credit card statements for unusual activity but did not offer to provide users with free credit monitoring services.

TrueFire boasts the “largest and most comprehensive selection of online guitar lessons” with 500,000 students from 200 countries who use TrueFire’s interactive self-study courses and learning systems for online workshops and classrooms. The company is working with computer forensic specialists to determine the full nature and scope of the intrusion. It is unknown how many of its users may have been affected by the data breach.

If you made a TrueFire purchase through the website truefire.com between August 3, 2019 and January 14, 2020 and have received a NOTICE OF DATA BREACH email or letter regarding this incident, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possible legal options.