Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Herff Jones Credit Card Breach Impacts College Students Across The US

Herff Jones Credit Card Breach Impacts College Students Across The US

Graduating students from several universities in the U.S. have been reporting fraudulent transactions after using payment cards at popular cap and gown maker Herff Jones.

In the wake of the reports that started last Sunday, the company started an investigation to determine the extent of the data breach.

Senior students spot illegal card charges

The complaints continued through this week, alerting others to check their card statements for illegal charges. The issue is affecting students across the U.S. at universities in Indiana (Purdue, IU), Boston, Maryland (Towson University), Houston (UH, UHD), Illinois, Delaware, Michigan, Wisconsin, Pennsylvania (Lehigh, Misericordia), New York (Cornell), Arizona, North Carolina (Wake Forest), Florida (State University), California (Sonoma State).

Herff Jones was completely unaware of the breach until students started to complain on social media about their fraudulent charges to their payment cards.

The common denominator was that they were graduating students that had purchased commencement gear at Herff Jones. Some of them had to cancel their payment cards and dispute the fraudulent charges with the bank.

Also Read: Compliance Course Singapore: Spotlight On The 3 Offerings

Senior students complain of fraudulent card activity

Apart from delivery delays, the students complained of fraudulent charges varying from a tens of U.D. dollars to thousands. While most reports mention losses between $80 and $1,200, one student stated that a friend of theirs was charged $4,000.

“Someone just bought a ps5 with my card info and I respect the hustle,” said one student. A parent chimed in saying that their “daughter and about 30 other graduates that she knows of at her school (not Purdue) have had their debit cards compromised through HJ [Herff Jones].”

One senior at Cornell University stated that they had to cancel their credit card because it had been stolen and fraudsters tried to charge $3,000 to “asics” and used it on adult content subscription service OnlyFans.

It is unclear when the breach at Herff Jones occurred but some of the earliest transactions date from the beginning of the month. Multiple students said they had purchased graduation items in April.

On May 12th, Herff Jones issued a statement acknowledging the payment card data breach and apologizing for the incident.

Also Read: Considering Enterprise Risk Management Certification Singapore? Here Are 7 Best Outcomes

“We sincerely apologize to those impacted by this incident. We are working diligently to identify and notify impacted customers” – Herff Jones

The company is investigating the incident with the help of “a leading cybersecurity firm.”



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us