From the Gale Web Site:
Gale recently learned of an incident that exposed some individuals’ names and email addresses. This information was accessed via a publicly facing Gale website. Because there is no sensitive personal information provided at this website, no financial data or social security numbers were exposed. Upon learning this, we took immediate steps to contain the incident – including temporarily moving some Gale websites offline. We also engaged Optiv, a leading cybersecurity solutions firm, to assist us in our review and remediation efforts. The investigation has concluded and Optiv has determined that the affected server contained limited contact information; specifically, names and email addresses.
We value our relationships and are reaching out directly to affected individuals to provide additional information about the incident.
Most importantly, there is no indication that any of the information exposed in this incident has been used inappropriately as the sites only collected names and email addresses. There is no evidence that other information was impacted.
Further, this incident does not impact Gale products, nor billing financial systems handling financial data, which are hosted and secured separately. Gale products were never accessed; data is not stored there, and no information was exposed. Customers can continue to use our websites, including Gale Pages and statewide portals, as well as customer support hubs like support.gale.com.
UPDATE: The page linked above at https://www.gale.com/incidentresponse is NO longer live. An archived copy of the announcement is available here via The Wayback Machine.