Indie music conglomerate Beggars Group—comprised of labels such as 4AD and Matador—revealed Tuesday that their online store got hacked between April 28, 2016 and May 4, 2016. Beggars Group represents artists like St. Vincent, Vampire Weekend, FKA Twigs, Radiohead, and countless other bands I am not cool enough to be aware of. In a letter sent out to potential victims of the breach, Patrick Amory, the president of Matador, explained:
“On May 4, 2016, we were advised by our third-party website developer that it had identified and removed suspicious files from the e-commerce websites of the record labels for which Matador Direct is the distributor. We quickly began an investigation and hired a third-party cybersecurity firm to assist us...
Findings from the investigation show that if a customer attempted to or did place an order on one of the affected websites from April 28, 2016 to May 4, 2016, information associated with the order being placed, including the customer’s name, address, phone number, email address, payment card number, expiration date and security code (CVV), and account password for the website on which the customer placed an order, may have been obtained by an unauthorized third-party.”
Beggars declined to tell Pitchfork how many accounts were affected. They did advise people who have accounts on their website to reset their passwords. So if you’re one of twelve people who still buys music the old-fashioned way, you should probably do that. And please, for the love of god, do not make it 123456.