The incident occurred last weekend when discarded internal financial reports containing credit card information were recycled and used for printing the routing slips, the Globe said in a statement. The slips were attached to some 9,000 Sunday Telegram & Gazette newspaper bundles.
The Globe and Telegram & Gazette are owned by The New York Times Co. and share a computer system.
The Telegram & Gazette has stopped reusing paper this way, the statement said. The newspapers think most of the slips were thrown out – the typical practice – but advised customers to contact their credit card providers if they are concerned about possible fraudulent use of their information.
So far, there have no reports of the credit card numbers being used in an improper way. The newspapers have agreed to provide affected subscribers with a free credit-monitoring service for a year.
"We deeply value the trust our subscribers place in us and we are working diligently to remedy this unfortunate situation," Boston Globe Publisher Richard H. Gilman said. "We regret the disruption and inconvenience that this incident may cause."
Meanwhile, Massachusetts Attorney General Thomas F. Reilly is reviewing whether the newspapers violated consumer protection law by releasing the personal information, the Globe reported today.
Security breaches – some caused by hackers, others by accident - have been widespread so far this year.
Among the breaches announced since Jan. 1 were incidents at Ameriprise Financial, People's Bank, the Atlantis resort in the Bahamas, the University of Notre Dame, Rhode Island's government website and Oregon-based Providence Home Services.