Dow Jones & Co., the publisher of The Wall Street Journal, revealed Friday that it was the target of a hack that may have exposed credit and debit card information of "fewer than 3,500 individuals."
Dow Jones CEO William Lewis disclosed the data breach in a letter to customers.
The unauthorized access apparently took place between August 2012 and July 2015. There’s no "direct evidence" yet that customer information was actually stolen and abused, he said.
"We have been working with law enforcement as well as a leading cybersecurity firm to assist with our investigation. We understand that this incident was likely part of a broader campaign involving a number of other victim companies," Lewis wrote.
"It appears that the focus was to obtain contact information such as names, addresses, email addresses and phone numbers of current and former subscribers in order to send fraudulent solicitations."