Minted, a digital marketplace for independent artists, started informing its members last week about a security incident that exposed personal information of 5 million users. Apparently, the notification was sent after the company learned its user account database was being sold on the dark web.
“We recently became aware of a report that mentioned Minted as one of ten companies impacted by a potential cybersecurity incident,” the letter reads. “We promptly undertook an investigation, with the assistance of outside forensic experts. The investigation determined that, on May 6, 2020, unauthorized actors obtained information from the company’s user account database. Since determining this on May 15, we have continued to investigate expeditiously to assess what information was impacted and identify affected individuals.”