It is my unfortunate duty to inform the customers of Solarbotics who have used our web interface to place credit card orders that this information used on solarbotics.com has been compromised.
We recently had reason to suspect that our website had been somehow compromised regarding the credit card processing of customers' orders. Upon completing an in-depth analysis, we did indeed find malicious code embedded in the portion of our website that linked the customer data to Moneris Solutions, our credit card processor that is a joint-venture between the Bank of Montreal (BMO) and RBC Bank of Canada. This breach may have been in effect since October 24, 2017 until we corrected this on May 3, 2018.
Unless you have been directly notified by Solarbotics in a separate email, your credit card data was not subjected to this attack.
This malicious code collected credit card data (number, expiration, and CVD), but we do not have definitive proof that any other personal data wasn't compromised. We are currently directly emailing all customers we know have been affected, but as we do not have definitive proof of the limit of what data was accessed, we're posting this announcement. We strongly recommend all Solarbotics online customers change their passwords.
We are now confident the breach has been fixed, and we've since patched and added additional layers of security around our existing website. Furthermore, we are soon to be deploying our new website that has been in development over the last 12 months with more security features to protect from similar attacks.
I wish I had more enjoyable news to relate other than another breach in webcentric privacy. I sincerely apologize for any additional stress this may cause you. We hope you still will want to do business with Solarbotics, and if so inclined, we'll be happy to take your order over the telephone and process your transaction payment manually.
Further to this, we are updating our terms-of-service (I'm sure you saw that coming) to further comply with the GDPR. You can review these terms at our website.
If you have any questions regarding this situation, I am personally available to answer them to the best of my abilities during standard office hours at 1-866-276-2687.
Sincerely and apologetically,
President, Solarbotics Ltd.